Load env variables from ConfigMaps and Secrets upon Pod boot
One of the coolest stuff I’ve picked up just today is that you can keep environment variables that you want to be loaded into every deployment pod in a neatly configured ConfigMap or Secret which gets injected back into the Pod during deploys.
Lets say you have a Secret that looks like:
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
username: YWRtaW4=
password: MWYyZDFlMmU2N2Rm
And you want username and password to be easily accessible in ENV['username'] and ENV['password'] on your application pods, all you need is a envFrom within your TemplateSpec
ie.
apiVersion: extension/v1beta1
kind: Deployment
spec:
replicas:1
template:
spec:
containers:
- name: test-container
image: gcr.io/google_containers/busybox
command: [ "/bin/sh", "-c", "env" ]
envFrom:
- secretRef:
name: mysecret
Because envFrom expects an array, you can do multiple references like:
envFrom:
- secretRef:
name: hello
- configMapRef:
name: hello2
- configMapRef:
name: hello3
This will take all the data keys from the 2 ConfigMaps and 1 Secret and load it into your pod.