Chapter 19. Configuration Resource

Kubernetes provides native configuration resources for regular and confidential data, which allows decoupling of the configuration lifecycle from the application lifecycle. The Configuration Resource pattern explains the concepts of ConfigMap and Secret resources, and how we can use them, as well as their limitations.


One significant disadvantage of the EnvVar Configuration pattern is that it’s suitable for only a handful of variables and simple configurations. Another one is that because environment variables can be defined in various places, it is often hard to find the definition of a variable. And even if you find it, you can’t be entirely sure it is not overridden in another location. For example, environment variables defined within a Docker image can be replaced during runtime in a Kubernetes Deployment resource.

Often, it is better to keep all the configuration data in a single place and not scattered around in various resource definition files. But it does not make sense to put the content of a whole configuration file into an environment variable. So some extra indirection would allow more flexibility, which is what Kubernetes Configuration Resources offer.


Kubernetes provides dedicated Configuration Resources that are more flexible than pure environment variables. These are the ConfigMap and Secret objects for general-purpose and sensitive data, respectively.

We can use both in the same way, as both provide storage ...

Get Kubernetes Patterns now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.