Managing Environment Variables and ConfigMaps

In Kubernetes, applications often need configuration data such as environment variables, database connection strings, or API keys. Instead of hardcoding these values inside Pods, Kubernetes provides ConfigMaps and Secrets to manage configuration in a clean, secure, and scalable way. This ensures applications remain portable and easy to update without rebuilding container images.

Environment Variables in Pods

Environment variables are key-value pairs injected into containers at runtime. They allow applications to adapt to different environments without changing the code.

YAML Example: Environment Variables

apiVersion: v1
kind: Pod
metadata:
  name: env-demo
spec:
  containers:
  - name: demo-container
    image: nginx
    env:
    - name: APP_MODE
      value: "production"
    - name: APP_VERSION
      value: "1.0"

Explanation: This Pod defines two environment variables (APP_MODE and APP_VERSION) that the container can use at runtime.

ConfigMaps

ConfigMaps store non-sensitive configuration data in key-value pairs. They decouple configuration from application code, making updates easier.

Creating a ConfigMap

# Create ConfigMap from literal values
kubectl create configmap app-config --from-literal=APP_MODE=production --from-literal=APP_VERSION=1.0

# Create ConfigMap from file
kubectl create configmap app-config --from-file=config.properties

YAML Example: ConfigMap

apiVersion: v1
kind: ConfigMap
metadata:
  name: app-config
data:
  APP_MODE: "production"
  APP_VERSION: "1.0"

Explanation: This ConfigMap stores configuration values that can be injected into Pods.

Using ConfigMaps in Pods

ConfigMaps can be consumed by Pods as environment variables or mounted as files.

YAML Example: Inject ConfigMap as Environment Variables

apiVersion: v1
kind: Pod
metadata:
  name: configmap-demo
spec:
  containers:
  - name: demo-container
    image: nginx
    envFrom:
    - configMapRef:
        name: app-config

Explanation: All key-value pairs from app-config are injected as environment variables into the container.

YAML Example: Mount ConfigMap as Volume

apiVersion: v1
kind: Pod
metadata:
  name: configmap-volume-demo
spec:
  containers:
  - name: demo-container
    image: nginx
    volumeMounts:
    - name: config-volume
      mountPath: /etc/config
  volumes:
  - name: config-volume
    configMap:
      name: app-config

Explanation: The ConfigMap is mounted as files inside /etc/config, allowing applications to read configuration from files.

Flowchart: ConfigMap Usage


   Developer defines ConfigMap ---> API Server stores it ---> etcd persists state
          |
          v
   Pod references ConfigMap ---> Environment variables or mounted files
          |
          v
   Application reads configuration dynamically

Real-Time Example

In a microservices-based e-commerce application:

  • Environment Variables: Used to define runtime settings like APP_MODE=production.
  • ConfigMaps: Store database connection strings, feature flags, or API endpoints.
  • Secrets: Store sensitive data like passwords or tokens (not covered here but often used alongside ConfigMaps).

Common Mistakes

  • Hardcoding configuration inside container images.
  • Not updating Pods after changing ConfigMaps (requires redeployment).
  • Using ConfigMaps for sensitive data instead of Secrets.
  • Incorrect indentation in YAML files causing parsing errors.

Interview Notes

Q1: What is the difference between ConfigMap and Secret?

Answer: ConfigMap stores non-sensitive configuration data, while Secret stores sensitive data like passwords and tokens, encoded in base64.

Q2: How do you inject ConfigMap values into a Pod?

Answer: ConfigMaps can be injected as environment variables using envFrom or mounted as files using volumes.

Q3: What happens if you update a ConfigMap?

Answer: The new values are stored, but Pods using the ConfigMap must be restarted or redeployed to pick up changes.

Q4: Example Interview Task

apiVersion: v1
kind: Pod
metadata:
  name: configmap-task
spec:
  containers:
  - name: demo-container
    image: nginx
    env:
    - name: APP_MODE
      valueFrom:
        configMapKeyRef:
          name: app-config
          key: APP_MODE

Explanation: This Pod injects a single key (APP_MODE) from the ConfigMap into the container as an environment variable.

Advanced Notes

  • Dynamic Updates: ConfigMaps can be updated without rebuilding images, but Pods need to be restarted.
  • Best Practices: Use ConfigMaps for non-sensitive data and Secrets for sensitive data.
  • Helm Charts: Often use ConfigMaps to manage application configuration across environments.
  • RBAC: Control access to ConfigMaps using Kubernetes Role-Based Access Control.

Summary

Environment variables and ConfigMaps are essential for managing application configuration in Kubernetes. They decouple configuration from code, making applications portable and easier to manage. ConfigMaps can be injected as environment variables or mounted as files, while Secrets handle sensitive data. Understanding these concepts helps developers build scalable, secure, and maintainable applications, and prepares them for real-world deployments and interviews.

Related Topics

Introduction to Containers and Kubernetes Kubernetes Architecture and Components Cluster Autoscaling and Node Management Setting Up a Local Kubernetes Cluster Helm: The Kubernetes Package Manager Understanding Kubernetes Objects and YAML Manifests

🔥 Popular Topics

Introduction to Containers and Kubernetes 25 views CI/CD Pipelines with Kubernetes 25 views Kubernetes Architecture and Components 24 views Multi-Cluster Management and Federation 24 views Understanding Kubernetes Objects and YAML Manifests 24 views