I am working with operator-sdk. In the controller, we often need to create a Deployment object, and the Deployment resource has a lot of configuration items, such as environment variables, port definitions and others, as in the following. I am wondering what the best way to get these values is; I don't want to hard-code them, for example variable_a or variable_b.
Probably you can put them in the CRD as spec, then pass them to the Operator Controller; or maybe you can put them in a ConfigMap, then pass the ConfigMap name to the Operator Controller, which can access the ConfigMap to get them; or maybe you can put them in a template file, which the Operator Controller then has to read.
What is the best way or best practice to deal with this situation? Thanks for sharing your ideas or points.
    deployment := &appsv1.Deployment{
        ObjectMeta: metav1.ObjectMeta{
            Name:      m.Name,
            Namespace: m.Namespace,
            Labels:    ls,
        },
        Spec: appsv1.DeploymentSpec{
            Replicas: &replicas,
            Selector: &metav1.LabelSelector{
                MatchLabels: ls,
            },
            Template: corev1.PodTemplateSpec{
                ObjectMeta: metav1.ObjectMeta{
                    Labels: ls,
                },
                Spec: corev1.PodSpec{
                    Containers: []corev1.Container{{
                        Image: "....",
                        Name:  m.Name,
                        Ports: []corev1.ContainerPort{{
                            ContainerPort: port_a, // value that should not be hard-coded
                            Name:          "tcpport",
                        }},
                        Env: []corev1.EnvVar{
                            {
                                Name:  "aaaa",
                                Value: variable_a, // value that should not be hard-coded
                            },
                            {
                                Name:  "bbbb",
                                Value: variable_b, // value that should not be hard-coded
                            },
                        },
                    }},
                },
            },
        },
    }
Using environment variables
It can be convenient that your app gets your data as environment variables.
Environment variables from ConfigMap
For non-sensitive data, you can store your variables in a ConfigMap and then define container environment variables using the ConfigMap data.
Example from Kubernetes docs:
Create the ConfigMap first. File configmaps.yaml:
Create the ConfigMap:
Then define the environment variables in the Pod specification, pod-multiple-configmap-env-variable.yaml:
Create the Pod:
Now in your controller you can read these environment variables SPECIAL_LEVEL_KEY (which will give you the special.how value from the special-config ConfigMap) and LOG_LEVEL (which will give you the log_level value from the env-config ConfigMap):
For example:
Environment variables from Secret
If your data is sensitive, you can store it in a Secret and then use the Secret as environment variables.
To create a Secret manually:
You'll first need to encode your strings using base64.
Then create a Secret with the above data:
Create a Secret with kubectl apply:
Please notice that there are other ways to create a secret, pick one that works best for you:
- Secret using kubectl
- Secret from a generator
- Secret from files
- Secret from string literals
Now you can use this created Secret for environment variables.
Here is a Pod example from Kubernetes docs that shows how to use a Secret for environment variables:
Finally, as stated in the docs:
Now in your controller you can read these environment variables SECRET_USERNAME (which will give you the username value from the mysecret Secret) and SECRET_PASSWORD (which will give you the password value from the mysecret Secret):
For example:
Using volumes
You can also mount both ConfigMap and Secret as a volume to your pods.
Populate a Volume with data stored in a ConfigMap:
Using Secrets as files from a Pod:
An example of a Pod that mounts a Secret in a volume:
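Returning to the environment-variable approach, here is an added example (not code from the original answer or the Kubernetes docs) of reading the four variables named above in a Go controller, failing fast when one is missing and keeping the Secret-backed values out of the logs. The names Settings and LoadSettings are hypothetical; only the variable names come from the answer.

```go
package main

import (
	"fmt"
	"log"
	"os"
	"strings"
)

// Settings holds the four variables named in the answer above.
type Settings struct {
	SpecialLevel string // SPECIAL_LEVEL_KEY, from the special-config ConfigMap
	LogLevel     string // LOG_LEVEL, from the env-config ConfigMap
	Username     string // SECRET_USERNAME, from the mysecret Secret
	Password     string // SECRET_PASSWORD, from the mysecret Secret
}

// String redacts the Secret-backed fields so a logged Settings leaks nothing.
func (s Settings) String() string {
	return fmt.Sprintf("special=%q log=%q username=[redacted] password=[redacted]", s.SpecialLevel, s.LogLevel)
}

// LoadSettings reads each key via lookup and reports missing keys by name only.
func LoadSettings(lookup func(string) (string, bool)) (s Settings, err error) {
	var missing []string
	for _, f := range []struct{ key string; dst *string }{
		{"SPECIAL_LEVEL_KEY", &s.SpecialLevel},
		{"LOG_LEVEL", &s.LogLevel},
		{"SECRET_USERNAME", &s.Username},
		{"SECRET_PASSWORD", &s.Password},
	} {
		if v, ok := lookup(f.key); ok && strings.TrimSpace(v) != "" {
			*f.dst = v
		} else {
			missing = append(missing, f.key)
		}
	}
	if len(missing) > 0 {
		return Settings{}, fmt.Errorf("missing environment variables: %s", strings.Join(missing, ", "))
	}
	return s, nil
}

func main() {
	s, err := LoadSettings(os.LookupEnv)
	if err != nil {
		log.Fatal(err)
	}
	log.Println(s) // formatted through String, so the credentials stay out of the log
}
```

Passing the lookup function in, rather than calling os.LookupEnv directly, lets the loader be unit-tested without touching the process environment.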