Deploying enterprise applications requires extensive configuration management. Hard-coding configuration into your application image couples the application to a specific environment, which requires you to build a new image for each environment. Kubernetes ConfigMaps solve this problem by decoupling configuration from your application code. They allow you to store non-sensitive configuration data externally and inject it into your pods at runtime. This enables you to use the same application image across multiple environments. For sensitive data, use Secrets.
Selection guide
Mount as a volume (Recommended): This method exposes configuration data as files. Changes to the ConfigMap are automatically synced to the mounted files without requiring a pod restart. Use this method to manage complete configuration files and for scenarios that require dynamic updates.
Inject as environment variables: This method injects configurations directly into the container as environment variables. Use this method for simple key-value parameters, such as runtime arguments or feature flags.
Create a configuration item
This section describes how to create a ConfigMap for a sample Nginx deployment.
Console
Log on to the Container Service for Kubernetes (ACK) console. In the navigation pane on the left, click Clusters.Click the name of the target cluster. In the navigation pane on the left, choose .
Create a sample configuration item: set Namespace to
defaultand click Create.Enter a name for the ConfigMap. Then, click + Add, enter a Name and Value for the configuration item, and then click OK.
ConfigMap Name: app-config
Add a configuration item by entering a name and value. You can also click Import from File to create a ConfigMap from a JSON file.
nginx.conf:server { listen 80; location / { root /usr/share/nginx/html; index index.html; } location /health { return 200 "healthy\n"; add_header Content-Type text/plain; } }
kubectl
Create the ConfigMap.
kubectl create configmap app-config \ --namespace=default \ --from-literal=nginx.conf="$(cat <<'EOF' server { listen 80; location / { root /usr/share/nginx/html; index index.html; } location /health { return 200 "healthy\n"; add_header Content-Type text/plain; } } EOF )"Check the ConfigMap. The output
DATA: 1indicates that the configuration item is created.kubectl get configmap app-config
Use a ConfigMap in a pod
The workload and the ConfigMap that it uses must be in the same cluster and namespace.
Method 1: Volume mounting
Console configuration
Log on to the ACK console. In the navigation pane on the left, click Clusters.Click the name of the target cluster. In the navigation pane on the left, choose .
Create a deployment.
On the Stateless page, click Create From Image.
On the Basic Information page, configure the basic information for the application.
Name:
nginx-volume-demo. Namespace:default.Replicas:
2. Type:Stateless (Deployment).
Click Next to proceed to the Container Configuration page.
Configure Image Name and Port.
Image Name:
anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6Container Port: 80, Protocol: TCP.
ImportantBefore you can pull this image, the cluster must have public network access. If you selected Configure SNAT for VPC when you created the cluster, which is enabled by default, no extra configuration is required. Otherwise, for more information, see Enable an ACK cluster to access the internet.
In the Volumes section, click Add Local Storage to add a mount for the ConfigMap.After you configure the information, click Next.
PV Type: ConfigMap. Name:
nginx-config. Mount Source:app-config. Container Path:/etc/nginx/conf.d.
On the Advanced Configuration page, configure scaling, scheduling, and labels and annotations as needed, and then click Create.
On the Creation Complete page, view the application tasks.
In the Application Creation Task Submitted panel, click View Application Details and verify that the status of the containerized application is
Running.
Verify that the ConfigMap file is mounted.
Select the container that you want to log on to, such as nginx-volume-demo-7xxxxxx****. In the Actions column, click Terminal and select nginx to log on to the container.
The output contains the nginx.conf file. This indicates that the ConfigMap is mounted.
ls -la /etc/nginx/conf.d/Verify the file content.
cat /etc/nginx/conf.d/nginx.confThe output is the same as the content of the configuration item. This indicates that the application can access the ConfigMap data by mounting the ConfigMap as a volume.
Kubectl Configuration
Create a file named nginx-volume-demo.yaml.
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-volume-demo namespace: default spec: replicas: 2 selector: matchLabels: app: nginx-volume template: metadata: labels: app: nginx-volume spec: containers: - name: nginx image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6 ports: - containerPort: 80 volumeMounts: - name: nginx-config mountPath: /etc/nginx/conf.d volumes: - name: nginx-config configMap: name: app-config items: - key: nginx.conf path: nginx.confCreate the deployment.
kubectl apply -f nginx-volume-demo.yamlCheck the deployment. If the pod status is
Running, the application is created.kubectl get pods -l app=nginx-volume -n defaultThe output contains the nginx.conf file. This indicates that the ConfigMap is mounted.
kubectl exec deployment/nginx-volume-demo -n default -- ls -la /etc/nginx/conf.d/Verify the file content.
kubectl exec deployment/nginx-volume-demo -n default -- cat /etc/nginx/conf.d/nginx.confThe output is the same as the content of the configuration item. This indicates that the application can access the ConfigMap data by mounting the ConfigMap as a volume.
Method 2: Environment Variable Injection
Console configuration
Log on to the ACK console. In the navigation pane on the left, click Clusters.Click the name of the target cluster. In the navigation pane on the left, choose .
Create a deployment.
On the Stateless page, click Create From Image.
On the Basic Information page, configure the basic information for the application.
Application Name:
nginx-env-demo. Namespace:default.Replicas:
2. Type:Stateless (Deployment).
Click Next to continue to the Container Configuration page.
Configure Image Name and Port.
Image Name:
anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6Container Port: 80, Protocol: TCP.
ImportantBefore you can pull this image, the cluster must have public network access. If you selected Configure SNAT for VPC when you created the cluster, which is enabled by default, no extra configuration is required. Otherwise, for more information, see Enable an ACK cluster to access the internet.
In the Environment Variables section, click Add.After you configure the information, click Next.
Type: configuration item, Name:
CONFIG_, Variable/Variable reference:app-config.
On the Advanced Configuration page, configure scaling, scheduling, and labels and annotations as needed, and then click Create.
On the Creation Complete page, view the application tasks.
In the Application Creation Task Submitted panel, click View Application Details and verify that the container status is
Running.
Verify that the environment variables have been injected.
Select the container that you want to log on to, such as nginx-env-demo-7xxxxxx****. In the Actions column, click Terminal and select nginx to log on to it.
env | grep CONFIG_The output is the same as the content of the configuration item. This indicates that the application can access the ConfigMap data through environment variables.
Kubectl configuration
Create a file named nginx-env-demo.yaml.
apiVersion: apps/v1 kind: Deployment metadata: name: nginx-env-demo namespace: default spec: replicas: 2 selector: matchLabels: app: nginx-env template: metadata: labels: app: nginx-env spec: containers: - name: nginx image: anolis-registry.cn-zhangjiakou.cr.aliyuncs.com/openanolis/nginx:1.14.1-8.6 ports: - containerPort: 80 # Inject all key-value pairs from the ConfigMap. envFrom: - prefix: CONFIG_ configMapRef: name: app-configCreate the deployment.
kubectl apply -f nginx-env-demo.yamlCheck the deployment. If the pod status is
Running, the application is created.kubectl get pods -l app=nginx-env -n defaultVerify that the environment variables are injected.
kubectl exec deployment/nginx-env-demo -n default -- env | grep CONFIG_The output is the same as the content of the configuration item. This confirms that the application can access the ConfigMap data through environment variables.
Manage ConfigMaps
After you create a configuration item, you can perform the following operations on the Configuration Item page:
Operation | Description |
Edit a ConfigMap | In the Actions column of the target ConfigMap, click Edit. You can modify the Name and Value of the configuration item. Important Modifying a ConfigMap that is in use directly affects associated applications, which can cause service restarts or errors. Assess the impact before you make changes, and perform the operation during off-peak hours. |
Delete a configuration item | In the Actions column of the target ConfigMap, click Delete to remove a ConfigMap that is no longer used. Important Do not delete system-generated ConfigMaps in the kube-system and kube-public namespaces, such as the CoreDNS configuration. Deleting them can affect cluster stability. |
References
For more information about the diagnostic process, troubleshooting methods, common issues, and solutions for pod exceptions, see Troubleshoot pod exceptions.
For more information about how to create a stateless application in an ACK cluster using the console and kubectl, see Create a stateless Deployment.
For more information, see the Kubernetes documentation about ConfigMaps.