[Verse 1] When your app needs settings but code stays clean ConfigMaps hold the values in between Environment variables, database ports JSON files and configs of all sorts Mount them as volumes or inject as vars Your secrets stay separate from your stars [Chorus] Config Maps for settings, Secrets for the keys Mount them, bind them, set your apps at ease Volume mounts persist while env vars flow fast Base64 encoding makes your secrets last Never hardcode passwords in your source ConfigMaps and Secrets change the course [Verse 2] Create from literals or from a file kubectl commands make management worthwhile Key-value pairs in a namespace scope Updates roll out giving pods new hope Opaque secrets hide what shouldn't show TLS certificates help secure your flow [Chorus] Config Maps for settings, Secrets for the keys Mount them, bind them, set your apps at ease Volume mounts persist while env vars flow fast Base64 encoding makes your secrets last Never hardcode passwords in your source ConfigMaps and Secrets change the course [Bridge] Volume mounts create files in your pod Environment injection talks to God Projected volumes merge multiple sources subPath mounting redirects the courses Immutable flag prevents unwanted change Keep your containers in the proper range [Verse 3] Secret types include dockerconfigjson Service accounts and tokens get things done imagePullSecrets authenticate your pulls While stringData skips encoding rules Watch for updates with rolling deployments ConfigMap changes trigger new appointments [Chorus] Config Maps for settings, Secrets for the keys Mount them, bind them, set your apps at ease Volume mounts persist while env vars flow fast Base64 encoding makes your secrets last Never hardcode passwords in your source ConfigMaps and Secrets change the course [Outro] Separate concerns and externalize state ConfigMaps and Secrets seal your fate Twelve-factor apps with config outside Let your containers run with pride
← Ingress and External Traffic | Health Probes and Observability →