Rancher secrets and config maps
Using Kubernetes envFrom for environment variables describes how to get env variables from config map or secret, copying here:
#####################
### deployment.yml
#####################
# Use envFrom to load Secrets and ConfigMaps into environment variables
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: mans-not-hot
labels:
app: mans-not-hot
spec:
replicas: 1
selector:
matchLabels:
app: mans-not-hot
template:
metadata:
labels:
app: mans-not-hot
spec:
containers:
- name: app
image: gcr.io/mans-not-hot/app:bed1f9d4
imagePullPolicy: Always
ports:
- containerPort: 80
envFrom:
- configMapRef:
name: env-configmap
- secretRef:
name: env-secrets
#####################
### env-configmap.yml
#####################
# Use config map for not-secret configuration data
apiVersion: v1
kind: ConfigMap
metadata:
name: env-configmap
data:
APP_NAME: Mans Not Hot
APP_ENV: production
#####################
### env-secrets.yml
#####################
# Use secrets for things which are actually secret like API keys, credentials, etc
# Base64 encode the values stored in a Kubernetes Secret: $ pbpaste | base64 | pbcopy
# The --decode flag is convenient: $ pbpaste | base64 --decode
apiVersion: v1
kind: Secret
metadata:
name: env-secrets
type: Opaque
data:
DB_PASSWORD: cDZbUGVXeU5e0ZW
REDIS_PASSWORD: AAZbUGVXeU5e0ZB
@caiquecastro
This is neater than what I used before, listing literally all of them:
spec:
containers:
- name: name
image: image
env:
- name: BUCKET_NAME
valueFrom:
configMapKeyRef:
name: some-config
key: BUCKET_NAME
Nel mezzo del deserto posso dire tutto quello che voglio.
comments powered by Disqus