Openshift offers many possibilities to embed files in pods. Furthermore, there are many reasons to include files in pods. So, embedding configuration files is a powerful mechanism. In this way, unchangeable containers become populated with dynamic content. In brief, ConfigMaps or Secrets contain such files. During container startup the run time injects them into the container.

ConfigMaps to mount file into pods

The example ConfigMap contains a single file named kirk.pem. Here, it is an SSL certificate and encoded as multiline text in YAML format. A char sequence “|-” introduces multiline contents. Afterwards, following and indented lines define file content. As a result, we see a single file. But the map may contain a set of files.

ConfigMap Example

kind: ConfigMap
apiVersion: v1
  name: es-certs-secret
  namespace: ${NAMESPACE}
  kirk.pem: |-
    -----END CERTIFICATE-----
Mounting files from ConfigMap is pretty simple. Line 19 defines a volume and references ConfigMap at line 21. Furthermore, section at line 11 volumeMounts references the volume. In consequence, a simple use case is to mount all files from config map into given mountPath. The example shows a more advanced use case which mounts single files into file system. This way allows mounting files beside existing files.
kind: StatefulSet
apiVersion: apps/v1
        - name: elasticsearch
          image: "amazon/opendistro-for-elasticsearch"
             - name: es-certs-volume
               mountPath: /usr/share/elasticsearch/config/kirk.pem
               subPath: kirk.pem
             - name: es-certs-volume
               mountPath: /usr/share/elasticsearch/config/kirk-key.pem
               subPath: kirk-key.pem
         - name: es-certs-volume
           name: es-certs-secret
The most simple use case mounts the ConfigMap to a mount point. In consequence, it mounts all file entries to specified mount path and overrides existing contents. That means to replace an existing folder by on empty one. In consequence, it removes any existing file. After that, the empty folder mounts new contents.

The above example is more advanced and combines existing files with files from ConfigMap.


Using Development Environment in Containers on Workstation

Setting up the workstation with small auxiliary tools is done quickly for the individual. In a growing team, the setup quickly becomes a challenge. Containers can help and bring everything ready configured to each individual's workplace. Setting up the new laptop The...

The principle of secure software development

Many applications are vulnerable to attacks. Application development is becoming increasingly complex. At the same time, security requirements are gaining in importance. In this article, I show the challenges and offer solutions. Focusing on the principle of secure...

New: OKD Docker Image is stuck – Operation not possible

Openshift and also OKD Docker image is stuck when loading. A severe bug in the CRI-O engine causes stuck the OKD Docker images in an invalid and unusable state. There are discussions about timeouts while loading the images from the docker registry or too long...

Windows Subsystem for Linux and Minikube

The Windows Subsystem for Linux is the seamless integration of Linux into Windows. Use Windows natively and quickly issue a Linux command. Apply a Linux command to the Windows file system without having to start a virtual machine. As a result, Linux is always...

New: Openshift OKD causes image layer not known problems

The POD fails to start, and referrers to the image layer not known. The "layer not known" issue may affect one or more cluster nodes. In effect, there is a corrupt docker image on the local disk cache. The layer not known problem still exists, even after a node or...

The Docker daemon configuration files

Where are the Docker daemon configuration files located? How to restart the Docker daemon after applying changes to the configuration? How to change and activate the Docker configuration? These are frequently asked questions. But changes to the Docker configuration...

Make it easy: Apache Spark, Data Frames and Regex Power

Regular Expressions are a powerful tool to split texts into fragments. Furthermore, Apache Spark is an analytics engine and capable of processing large amounts of data sets. The feature of naming capturing groups makes the usage of regular expressions more accessible....

Docker Content Trust

Docker Content Trust feature enables your environment to run only with signed images. In this way, Docker Content Trust ensures that the docker pulls only signed containers from the docker registry. Once enabled, Docker Content Trust is active for all docker pull...

Docker, networks, subnets and IP address pools

Docker uses default address pools to create subnets. For most use cases, the shipped defaults fit. But sometimes they cause conflicts with existing networks or subnets. Overlapping networks may conflict with existing systems. Or a large number of docker networks...

Docker networks and subnets

Docker uses default address pools to create subnets. For most use cases, the shipped docker subnet defaults fit. But sometimes the docker subnets cause conflicts with existing networks or subnets. Overlapping networks may conflict with existing systems. Or a large...