Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/kelseyhightower/konfd

Manage application configuration using Kubernetes secrets, configmaps, and Go templates.
https://github.com/kelseyhightower/konfd

Last synced: 15 days ago
JSON representation

Manage application configuration using Kubernetes secrets, configmaps, and Go templates.

Host: GitHub
URL: https://github.com/kelseyhightower/konfd
Owner: kelseyhightower
License: apache-2.0
Created: 2016-12-04T07:32:26.000Z (over 7 years ago)
Default Branch: master
Last Pushed: 2018-03-28T07:58:29.000Z (about 6 years ago)
Last Synced: 2024-02-24T14:33:48.312Z (4 months ago)
Language: Go
Homepage:
Size: 41 KB
Stars: 494
Watchers: 21
Forks: 34
Open Issues: 4
Metadata Files:
- Readme: README.md
- License: LICENSE

Lists

awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes-Application - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
awesome-kubernetes - Konfd
my-awesome-stars - kelseyhightower/konfd - Manage application configuration using Kubernetes secrets, configmaps, and Go templates. (Go)

README

        # konfd

![Super Dope](https://img.shields.io/badge/Hightower-super%20dope-b9f2ff.svg)

Manage application configuration using Kubernetes secrets, configmaps, and Go templates.

## Usage

```

Usage of konfd:

```

```

  -configmap value

    	the configmap to process.

  -namespace value

    	the namespace to process.

  -noop

    	print processed configmaps and secrets and do not submit them to the cluster.

  -onetime

    	run one time and exit.

  -sync-interval duration

    	the time duration between template processing. (default 1m0s)

```

### Create configmaps and secrets

```

kubectl create secret generic vault-secrets \

  --from-literal 'mysql_password=v@ulTi$d0p3'

```

```

kubectl create configmap vault-configs \

  --from-literal 'default_lease_ttl=768h' \

  --from-literal 'mysql_username=vault'

```

### Create a template configmap

```

cat configmaps/vault-template.yaml

```

```

apiVersion: v1

kind: ConfigMap

metadata:

  name: vault-template

  annotations:

    konfd.io/kind: configmap

    konfd.io/name: vault

    konfd.io/key:  server.hcl

  labels:

    konfd.io/template: "true"

data:

  template: |

    default_lease_ttl = {{configmap "vault-configs" "default_lease_ttl"}}

    backend "mysql" {

      username = "{{configmap "vault-configs" "mysql_username"}}"

      password = "{{secret "vault-secrets" "mysql_password"}}"

      tls_ca_file = "/etc/tls/mysql-ca.pem"

    }

```

> See the [templates](docs/templates.md) docs for more details.

Submit the `vault-template` configmap:

```

kubectl create -f configmaps/vault-template.yaml

```

### Deploy the konfd replicaset

```

kubectl create -f replicasets/konfd.yaml

```

> See the [deployment guide](docs/deployment-guide.md) for more details.

### Review the results

```

kubectl get configmaps vault -o yaml

```

```

apiVersion: v1

kind: ConfigMap

metadata:

  name: vault

  namespace: default

data:

  server.hcl: |

    default_lease_ttl = 768h

    backend "mysql" {

      username = "vault"

      password = "v@ulTi$d0p3"

    }

```

### Testing with noop mode

konfd can be run outside of the Kubernetes cluster by running `kubectl` in proxy mode:

```

kubectl proxy

```

Process a single template in the default namespace:

```

konfd -onetime -noop -namespace default -configmap vault-template

```