Geek Answers Handbook

How to save binary file in Kubernetes ConfigMap?

Can I store the binary in Kubernetes ConfigMap and then read the same content from the volume that mounts this ConfigMap? For example, if the directory /etc/mycompany/myapp/config contains the keystore.jks binary, there will be

 kubectl create configmap myapp-config --from-file=/etc/mycompany/myapp/config

include keystore.jks file in ConfigMap myapp myapp-config , which can later be mapped to the volume, installed in the container and read as a binary file?

For example, given the following pod specification, keystore.jks should keystore.jks be available in /etc/mycompany/myapp/config/keystore.jks ?

 apiVersion: v1 kind: Pod metadata: name: myapp spec: containers: - name: myapp image: mycompany/myapp volumeMounts: - name: myapp-config mountPath: /etc/mycompany/myapp/config volumes: - name: myapp-config configMap: name: myapp-config

Kubernetes Version Information:

 derek@derek-HP-EliteOne-800-G1-AiO:~/Documents/platinum/fix/brvm$ kubectl version Client Version: version.Info{Major:"1", Minor:"3", GitVersion:"v1.3.6", GitCommit:"ae4550cc9c89a593bcda6678df201db1b208133b", GitTreeState:"clean", BuildDate:"2016-08-26T18:13:23Z", GoVersion:"go1.6.2", Compiler:"gc", Platform:"linux/amd64"} Server Version: version.Info{Major:"1", Minor:"3", GitVersion:"v1.3.6+coreos.0", GitCommit:"f6f0055b8e503cbe5fb7b6f1a2ee37d0f160c1cd", GitTreeState:"clean", BuildDate:"2016-08-29T17:01:01Z", GoVersion:"go1.6.2", Compiler:"gc", Platform:"linux/amd64"}
+16
configuration configuration-files kubernetes
source share
4 answers

Binary ConfigMaps are now supported since Kubernetes version 1.10.0. From the readme notes:

ConfigMap objects now support binary data through the new binaryData field. When using kubectl create configmap --from-file, files containing data other than UTF8 will be placed in this new field to save data other than UTF8. Note that the kapectl --append-hash function does not take binary data into account. To use this feature, you need 1. 10+ apiserver and kubelets. (# 57938, @dims)

See the changelog for more details: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.10.md#apps

+13
source share

What I would do is encode this file in base64, and then a container that uses decoded ones to be able to use it

+4
source share

According to Jorgan Liggitt in the Kubernetes release β€œ Enable ConfigMaps to store binary files as well as symbol files. ” Kubernetes 1.3.6 cannot store binary files in ConfigMap.

Comment by GitHub 1 :

config stores data as a string, not [] bytes ... not sure what I expect to be able to put arbitrary binary content into them "

GitHub 2 comment:

@liggitt Do ConfigMaps doesn't encode binary content as strings?

they don’t do this, they store strings. base64 coding can be on top using application logic

Subsequently demonstrated that ConfigMaps does not support binary files.

+2
source share

Based on other answers, Base64 works for me (only once)

Steps:

on my workstation

 base64 -w 0 cacerts > cacerts.base64 sha256sum.exe cacerts.base64 keytool.exe -list -v -keystore cacerts

Openshift

I connect to openshift and create a configuration map

oc create configmap cacerts.base64 --from-file = cacerts.base64

deployment configuration

  ... template: metadata: name: mydeployment... spec: volumes: - name: cacerts-volume configMap: name: cacerts.base64 containers: - name: crg-driver command: - base64 args: - '--decode' - '-w 0' - '/opt/axatech/openpaas/certificates/cacerts.base64 > /opt/axatech/openpaas/certificates/cacerts' #this does not work yet env: - name: SWARM_JVM_ARGS value: >- -Djavax.net.ssl.trustStore=/opt/certificates/cacerts.base64 -Djavax.net.ssl.trustStorePassword=changeit volumeMounts: - name: cacerts-volume mountPath: /opt/certificates

The easiest way to edit / update existing cacerts is to encode new cacerts to base64 (with the -w 0 parameter), open it using a file editor (for example, Notepad), copy the contents and paste it using the OpenShift Console interface

 https://osconsole.mycloud.something.example/console/project/project-dev/browse/config-maps/cacerts.base64

or on the command line

oc edit configmap cacerts.base64

+1
source share

More articles:


All Articles