One of the coolest stuff I’ve picked up just today is that you can keep environment variables that you want to be loaded into every deployment pod in a neatly configured
Secret which gets injected back into the Pod during deploys.
Lets say you have a Secret that looks like:
apiVersion: v1 kind: Secret metadata: name: mysecret type: Opaque data: username: YWRtaW4= password: MWYyZDFlMmU2N2Rm
And you want
password to be easily accessible in
ENV['password'] on your application pods, all you need is a
envFrom within your
apiVersion: extension/v1beta1 kind: Deployment spec: replicas:1 template: spec: containers: - name: test-container image: gcr.io/google_containers/busybox command: [ "/bin/sh", "-c", "env" ] envFrom: - secretRef: name: mysecret
envFrom expects an array, you can do multiple references like:
envFrom: - secretRef: name: hello - configMapRef: name: hello2 - configMapRef: name: hello3
This will take all the data keys from the 2
ConfigMaps and 1
Secret and load it into your pod.