ConfigMaps to mount file into pods
The example ConfigMap contains a single file named kirk.pem. Here, it is an SSL certificate and encoded as multiline text in YAML format. A char sequence “|-” introduces multiline contents. Afterwards, following and indented lines define file content. As a result, we see a single file. But the map may contain a set of files.
ConfigMap Example
kind: ConfigMap apiVersion: v1 metadata: name: es-certs-secret namespace: ${NAMESPACE} data: kirk.pem: |- -----BEGIN CERTIFICATE----- MIIEdzCCA1+gAwIBAgIGAWLrc1O4MA0GCSqGSIb3DQEBCwUAMIGPMRMwEQYKCZIm iZPyLGQBGRYDY29tMRcwFQYKCZImiZPyLGQBGRYHZXhhbXBsZTEZMBcGA1UECgwQ RXhhbXBsZSBDb20gSW5jLjEhMB8GA1UECwwYRXhhbXBsZSBDb20gSW5jLiBSb290 IENBMSEwHwYDVQQDDBhFeGFtcGxlIENvbSBJbmMuIFJvb3QgQ0EwHhcNMTgwNDIy MDM0MzQ3WhcNMjgwNDE5MDM0MzQ3WjBNMQswCQYDVQQGEwJkZTENMAsGA1UEBwwE dGVzdDEPMA0GA1UECgwGY2xpZW50MQ8wDQYDVQQLDAZjbGllbnQxDTALBgNVBAMM BGtpcmswggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCwgBOoO88uMM8 dREJsk58Yt4Jn0zwQ2wUThbvy3ICDiEWhiAhUbg6dTggpS5vWWJto9bvaaqgMVoh ElfYHdTDncX3UQNBEP8tqzHON6BFEFSGgJRGLd6f5dri6rK32nCotYS61CFXBFxf WumXjSukjyrcTsdkR3C5QDo2oN7F883MOQqRENPzAtZi9s3jNX48u+/e3yvJzXsB GS9Qmsye6C71enbIujM4CVwDT/7a5jHuaUp6OuNCFbdRPnu/wLYwOS2/yOtzAqk7 /PFnPCe7YOa10ShnV/jx2sAHhp7ZQBJgFkkgnIERz9Ws74Au+EbptWnsWuB+LqRL x5G02IzpAgMBAAGjggEYMIIBFDCBvAYDVR0jBIG0MIGxgBSSNQzgDx4rRfZNOfN7 X6LmEpdAc6GBlaSBkjCBjzETMBEGCgmSJomT8ixkARkWA2NvbTEXMBUGCgmSJomT 8ixkARkWB2V4YW1wbGUxGTAXBgNVBAoMEEV4YW1wbGUgQ29tIEluYy4xITAfBgNV BAsMGEV4YW1wbGUgQ29tIEluYy4gUm9vdCBDQTEhMB8GA1UEAwwYRXhhbXBsZSBD b20gSW5jLiBSb290IENBggEBMB0GA1UdDgQWBBRsdhuHn3MGDvZxOe22+1wliCJB mDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSUBAf8EDDAKBggr BgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAkPrUTKKn+/6g0CjhTPBFeX8mKXhG zw5z9Oq+xnwefZwxV82E/tgFsPcwXcJIBg0f43BaVSygPiV7bXqWhxASwn73i24z lveIR4+z56bKIhP6c3twb8WWR9yDcLu2Iroin7dYEm3dfVUrhz/A90WHr6ddwmLL 3gcFF2kBu3S3xqM5OmN/tqRXFmo+EvwrdJRiTh4Fsf0tX1ZT07rrGvBFYktK7Kma lqDl4UDCF1UWkiiFubc0Xw+DR6vNAa99E0oaphzvCmITU1wITNnYZTKzVzQ7vUCq kLmXOFLTcxTQpptxSo5xDD3aTpzWGCvjExCKpXQtsITUOYtZc02AGjjPOQ== -----END CERTIFICATE----- Mounting files from ConfigMap is pretty simple. Line 19 defines a volume and references ConfigMap at line 21. Furthermore, section at line 11 volumeMounts references the volume. In consequence, a simple use case is to mount all files from config map into given mountPath. The example shows a more advanced use case which mounts single files into file system. This way allows mounting files beside existing files.
kind: StatefulSet apiVersion: apps/v1 metadata: ... spec: spec: containers: - name: elasticsearch image: "amazon/opendistro-for-elasticsearch" ... volumeMounts: - name: es-certs-volume mountPath: /usr/share/elasticsearch/config/kirk.pem subPath: kirk.pem - name: es-certs-volume mountPath: /usr/share/elasticsearch/config/kirk-key.pem subPath: kirk-key.pem ... volumes: - name: es-certs-volume configMap: name: es-certs-secretThe most simple use case mounts the ConfigMap to a mount point. In consequence, it mounts all file entries to specified mount path and overrides existing contents. That means to replace an existing folder by on empty one. In consequence, it removes any existing file. After that, the empty folder mounts new contents.
The above example is more advanced and combines existing files with files from ConfigMap.
References:
0 Comments