cancel
Showing results for 
Search instead for 
Did you mean: 
khokha
Flight Engineer
Flight Engineer
  • 1,475 Views

secrets and configmap

Hello everyone,

I've few questions about secrets and configmaps.

1- if i create a deployment and added to it secret but the deployment doesn't require it (secret), will this affect the operation of the application?

2- if the deployment requires a volume and i didn't add it will this make the deployment doesn't work?

3- if a deployment reqiures a configmap and it should be mounted at certain path , if it is misconfigured (mount path) will this affect the deployment operation?

4- if the deployment has pvc will it contain all the volumes in the deployment or only those mounted at the same path of the pvc?

Thanks in advance

Labels (3)
4 Replies
Chetan_Tiwary_
Community Manager
Community Manager
  • 1,459 Views

@khokha  AFAIK 

"if the deployment requires a volume and i didn't add it will this make the deployment doesn't work?"  - yes the deployment will fail to start.

https://kubernetes.io/docs/concepts/storage/volumes/ 

" if a deployment reqiures a configmap and it should be mounted at certain path , if it is misconfigured (mount path) will this affect the deployment operation?"
       - If you reference a ConfigMap that doesn't exist and you don't mark the reference as optional, the Pod won't start. Similarly, references to keys that don't exist in the ConfigMap will also prevent the Pod from starting, unless you mark the key references as optional.

https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#:~:text=The%20Conf... 

"if the deployment has pvc will it contain all the volumes in the deployment or only those mounted at the same path of the pvc?"
 
- pvc is a request to storage ( It only provides storage for volumes referencing it ) while volumes define how pods will utilise the storage - There can be different volumes in the deployment with different source and a different mount path like emptyDir, hostPath , configMap, local, nfs etc 
khokha
Flight Engineer
Flight Engineer
  • 1,452 Views

hi @Chetan_Tiwary_ 

Thanks for your reply.

For the second point of misconfigured mount path of configmap, if the configmap exists but it should be mounted but the configmap isn't mounted or mounted at wrong mount path, will this prevent the app from working?

 

For the last point of pvc, if the pvc is mounted at /dir. and there're volumes that has data at /dir./file will the pvc contain this data (/dir./file)?

 

Adding secrets or volumes that aren't required by the application, will affect its operation?

0 Kudos
Chetan_Tiwary_
Community Manager
Community Manager
  • 1,441 Views

Yes the app wont work if the desired configMap is not mounted properly as per the app requirements.

If I understood your question correctly , yes I think, as long as the underlying PV is the same, else No. 

To share one volume for multiple uses in a single pod use - volumeMounts.subPath 

https://kubernetes.io/docs/concepts/storage/volumes/#using-subpath 

I dont think adding secrets not required by app will afftect an app's operation generally speaking but it can have other implications on resources and security.

 

 

0 Kudos
khokha
Flight Engineer
Flight Engineer
  • 1,382 Views

@Chetan_Tiwary_ 

What you mean with sharing one volume for multiple uses?

If i create a secret that has additional files that aren't required by the application, will this cause any problems?

What is the difference between when i set a secret as environment variable and when i set it as volume?

For attaching configmaps and secrets created from files we can't use command oc set env and have to use oc set volume?

Thanks

0 Kudos
Join the discussion
You must log in to join this conversation.