ConfigMap

About

A ConfigMap is a Kubernetes object that stores non-confidential configuration data in key-value pairs.

It lets you decouple environment-specific config (like database URLs, feature flags, API endpoints) from your container images and Pods.

ConfigMaps are for non-sensitive data.

For secrets (passwords, API keys, TLS certs), use Secrets, not ConfigMaps.

ConfigMaps can be updated, but Pods don’t automatically reload the new config unless:

The app watches the config files, OR
You restart the Pods.

Commands

Create ConfigMap from literal values:

kubectl create configmap <configmap-name> \
  --from-literal=node_env=production \
  --from-literal=port=8000

Create ConfigMap from a file:

kubectl create configmap <configmap-name> --from-file=.env

Example

configmap-env.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: myconfig
data:
  db_host: mysql.example.com
  db_port: "3306"
  feature_flag: "true"

How to use in Deployment example 1 (Individual env variables):

deployment.yaml

...
spec:
  template:
    ...
    spec:
      containers:
        - name: myapp-container
          image: nginx:1.25
          ports:
            - containerPort: 80
          env:
            - name: DB_HOST
              valueFrom:
                configMapKeyRef:
                  name: myconfig   # name of the ConfigMap
                  key: db_host

How to use in Deployment example 2 (Whole env file):

deployment.yaml

...
spec:
  template:
    ...
    spec:
      containers:
        - name: myapp-container
          image: nginx:1.25
          ports:
            - containerPort: 80
          envFrom:
            - configMapRef:
              name: myconfig   # name of the ConfigMap

How to use in Deployment example 3 (Injected as a volume):

deployment.yaml

...
spec:
  template:
    ...
    spec:
      containers:
        - name: myapp-container
          image: nginx:1.25
          ports:
            - containerPort: 80
          volumeMounts:
            - mountPath: /etc/config
              name: config-volume
      volumes:
        - name: config-volume
          configMap:
            name: myconfig

PreviousServices NextSecret

Last updated 3 months ago