General question about configmaps and secrets in k8's space

3/19/2019

What are the differences between config maps and secrets in k8's space, does service accounts need to be associated with these resources to work? Please suggest.

-- DirectedSoul
containers
docker
kubernetes
openshift
secret-key

2 Answers

3/19/2019

ConfigMap and secrets are used to decouple the application configuration, database passwords, certificates etc from the image.

ConfigMap is used to store config files, properties file and so on. On the other hand secrets are used to store sensitive information like passwords, ssl certificates.

You can load key value pairs from these objects as environment variables inside the container or these objects can be mounted as volumes inside a container..

Service account is a different object and is not directly associated with these objects. Sa is part of RBAC. And can be granted access to list secrets or configMap at namespace level or cluster level depending on the roles

-- P Ekambaram
Source: StackOverflow

3/19/2019

Secrets are used for fields you want to hide like passwords, user and endpoints.

Using the docs:

Kubernetes secret objects let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys. Putting this information in a secret is safer and more flexible than putting it verbatim in a Pod Lifecycle definition or in a container image

source: https://kubernetes.io/docs/concepts/configuration/secret/

Config Maps are used for configuration inside the pod, like level of debugging or version of an external API called. It is a good practice for decoupling your code from your configuration, which can change from time to time.

source: https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/

-- Leandro Donizetti Soares
Source: StackOverflow