To create a dev env config, run the following commands.
cp envs/template.sh envs/dev.sh
sed -i "" "s/changme-env/dev/g" envs/dev.sh
sed -i "" "s/changme-postgres-password/$(openssl rand -base64 27 | tr -dc A-Za-z0-9)/g" envs/dev.sh
* | |
!.gitignore | |
!README.md | |
!template.sh |
$ kubectl create secret generic foo-credentials --from-env-file <(env | grep FOO_) | |
secret "foo-credentials" created | |
$ kubectl apply -f postgres-deployment.yaml | |
deployment "postgres" created | |
$ kubectl get pods | |
NAME READY STATUS RESTARTS AGE | |
postgres-3552183314-4lrqr 1/1 Running 0 10s | |
$ kubectl exec postgres-3552183314-4lrqr -it -- sh | |
/ # echo ${POSTGRES_PASSWORD} | |
XB2Dc8hOTVGu2AQeTVVyGo9xYk0WuqAU2JT | |
/ # exit |
$ minikube start | |
Starting local Kubernetes v1.7.0 cluster... | |
Starting VM... | |
Getting VM IP address... | |
Moving files into cluster... | |
Setting up certs... | |
Starting cluster components... | |
Connecting to cluster... | |
Setting up kubeconfig... | |
Kubectl is now configured to use the cluster. | |
$ git clone https://gist.github.com/8d7bcafb5e26e9b96735ade35505f5c5.git manage-env-vars-and-secrets | |
$ cd manage-env-vars-and-secrets | |
# move some files around because gists don't do dirs | |
$ mkdir envs | |
$ mv template.sh README.md .gitignore envs/ |
apiVersion: apps/v1beta1 | |
kind: Deployment | |
metadata: | |
name: postgres | |
labels: | |
app: foo | |
spec: | |
template: | |
metadata: | |
labels: | |
app: foo | |
tier: db | |
spec: | |
containers: | |
- name: postgres | |
image: postgres:9-alpine | |
ports: | |
- name: postgres | |
containerPort: 5432 | |
env: | |
- name: POSTGRES_PASSWORD | |
valueFrom: | |
secretKeyRef: | |
name: foo-credentials | |
key: FOO_POSTGRES_PASSWORD | |
- name: POD_IP | |
valueFrom: { fieldRef: { fieldPath: status.podIP } } | |
livenessProbe: | |
exec: | |
command: ["sh", "-c", "exec pg_isready --host $POD_IP"] | |
initialDelaySeconds: 60 | |
timeoutSeconds: 5 | |
failureThreshold: 6 | |
readinessProbe: | |
exec: | |
command: ["sh", "-c", "exec pg_isready --host $POD_IP"] | |
initialDelaySeconds: 5 | |
timeoutSeconds: 3 | |
periodSeconds: 5 | |
volumeMounts: | |
- name: pg-data | |
mountPath: /var/lib/postgresql/data | |
volumes: | |
- name: pg-data | |
emptyDir: {} |
# Configuration for the Foo app | |
# Change all values that start with changeme | |
export FOO_ENV=changme-env | |
export FOO_POSTGRES_PASSWORD=changme-postgres-password |
$ cp envs/template.sh envs/dev.sh | |
$ sed -i "" "s/changme-env/dev/g" envs/dev.sh | |
$ sed -i "" "s/changme-postgres-password/$(openssl rand -base64 27 | tr -dc A-Za-z0-9)/g" envs/dev.sh | |
# unset any existing config | |
$ unset ${!FOO_*} | |
$ source envs/dev.sh | |
# double check your config | |
$ env | grep FOO_ | sort | |
FOO_DB=dev | |
FOO_POSTGRES_PASSWORD=XB2Dc8hOTVGu2AQeTVVyGo9xYk0WuqAU2JT |