Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there a way to share a configMap in kubernetes between namespaces?

We are using one namespace for the develop environment and one for the staging environment. Inside each one of this namespaces we have several configMaps and secrets but there are a lot of share variables between the two environments so we will like to have a common file for those.

Is there a way to have a base configMap into the default namespace and refer to it using something like:

- envFrom:     - configMapRef:         name: default.base-config-map 

If this is not possible, is there no other way other than duplicate the variables through namespaces?

like image 449
Daniseijo Avatar asked Apr 04 '19 12:04

Daniseijo


People also ask

How do you share secrets across namespaces in Kubernetes?

As being an API object kubernetes secrets can not be shared between the namespaces,so the other way would be to copy the Kubernetes secrets from one namespace to another namespace and we can achieve this by using the pipe “|” operator.

Can pods communicate between namespaces?

Namespaces are used to isolate resources within the control plane. For example if we were to deploy a pod in two different namespaces, an administrator running the “get pods” command may only see the pods in one of the namespaces. The pods could communicate with each other across namespaces however.

How do I refer ConfigMap in Kubernetes?

If you want to view the binaryData keys (and their values) in a ConfigMap, you can run kubectl get configmap -o jsonpath='{. binaryData}' <name> . Starting with Kubernetes v1. 23, kubectl supports the --from-env-file argument to be specified multiple times to create a ConfigMap from multiple data sources.

How do I copy a secret from one namespace to another?

If you need to copy a secret from one namespace to another, you will get an error because the 'namespace' is still embedded in the yaml and cannot be overridden with the final apply. By using a sed replacement as a filter, you can do a quick transformation and get your desired result.


1 Answers

Kubernetes 1.13 and earlier

They cannot be shared, because they cannot be accessed from a pods outside of its namespace. Names of resources need to be unique within a namespace, but not across namespaces.

Workaround it is to copy it over.

Copy secrets between namespaces
kubectl get secret <secret-name> --namespace=<source-namespace> --export -o yaml \   | kubectl apply --namespace=<destination-namespace> -f - 
Copy configmaps between namespaces
kubectl get configmap <configmap-name>  --namespace=<source-namespace> --export -o yaml \   | kubectl apply --namespace=<destination-namespace> -f - 

Kubernetes 1.14+

The --export flag was deprecated in 1.14 Instead following command can be used:

kubectl get secret <secret-name> --namespace=<source-namespace>  -o yaml \   | sed 's/namespace: <from-namespace>/namespace: <to-namespace>/' \   | kubectl create -f - 

If someone still see a need for the flag, there’s an export script written by @zoidbergwill.

like image 190
Crou Avatar answered Sep 23 '22 06:09

Crou