Config maps
“https://kubernetes.io/docs/concepts/configuration/configmap/”
There are four different ways that you can use a ConfigMap to configure a container inside a Pod:
- Inside a container command and args
- Environment variables for a container
- Add a file in read-only volume, for the application to read
- Write code to run inside the Pod that uses the Kubernetes API to read a ConfigMap
Gotchas
- ConfigMap does not provide secrecy or encryption.
- ConfigMaps consumed as environment variables are not updated automatically and require a pod restart.
- When a ConfigMap currently consumed in a volume is updated, projected keys are eventually updated as well
- A container using a ConfigMap as a subPath volume mount will not receive ConfigMap updates.
- When a ConfigMap currently consumed in a volume is updated, projected keys are eventually updated as well
- A ConfigMap is not designed to hold large chunks of data. The data stored in a ConfigMap cannot exceed 1 MiB
- The name of a ConfigMap must be a valid DNS subdomain name.
- The Pod and the ConfigMap must be in the same namespace.
- You can bypass this and access a ConfigMap in a different namespace by accessing cm using k8s api
- The
specof a static Pod cannot refer to a ConfigMap - A ConfigMap doesn’t differentiate between single line property values and multi-line file-like values. What matters is how Pods and other objects consume those values.
Immutable Configmap
you can add an immutable field to a ConfigMap definition to create an immutable ConfigMap.
“https://kubernetes.io/docs/concepts/configuration/configmap/#configmap-immutable”