Ansible, K8s and Environment Variables
The deployment and scalability of containerised applications are made easier by Kubernetes (also known as K8s), a powerful container orchestration platform. While dealing with numerous microservices and environments, managing configurations and environment variables in a Kubernetes cluster can be challenging. Popular automation tool Ansible can aid in streamlining this procedure and offer a dependable and regular method of managing Kubernetes configurations.
we will explore how Ansible can be used to set environment variables and other configurations in a Kubernetes cluster, providing practical examples along the way. Remember there lot more than this but Its good enough to start from here
Prerequisites:
Before we begin, make sure you have the following prerequisites set up:
- A Kubernetes cluster up and running.
- Ansible installed on your local machine.
ConfigMap and Environment Variable
In Kubernetes, a ConfigMap resource enables you to separate configuration information from the container image. It gives you a mechanism to keep key-value pairs that you can access as environment variables or mount as files in a container.
Consider a straightforward Flask application that needs a configuration file to decide how it should behave. To establish environment variables for the application, we’ll utilise a ConfigMap rather than hardcoding this setting into the container image.
## flask_app.yaml ##
apiVersion: v1
kind: ConfigMap
metadata:
name: flask-config
data:
APP_NAME: "Dummy Flask App"
DEBUG_MODE: "true"
DATABASE_URL: "mysql://user:password@dbhost/dbname"We can use the kubectl module in the Ansible playbook to apply this ConfigMap to the Kubernetes cluster:
## playbook.yaml ##
---
- name: Apply Flask ConfigMap
hosts: localhost
tasks:
- name: Apply ConfigMap
kubectl:
action: apply
src: flask_app.yamlBy running this Ansible playbook, we ensure that the ConfigMap is created or updated in the Kubernetes cluster.
Secrets Management
Secrets in Kubernetes are used to store private data like API keys, passwords, and TLS certificates. Ansible may be used to manage Secrets in Kubernetes effectively, much like ConfigMaps.
Let’s make a Secret to keep the password for the database:
## db_secret.yaml ##
apiVersion: v1
kind: Secret
metadata:
name: db-credentials
type: Opaque
data:
password: "cGFzc3dvcmQxMjM0" # Base64-encoded "password1234"With Ansible, we can apply the Secret to the cluster:
## playbook.yaml ##
---
- name: Apply DB Secret
hosts: localhost
tasks:
- name: Apply Secret
kubectl:
action: apply
src: db_secret.yamlDeployment with Environment Variables
Let’s use our ConfigMap and Secret in a Kubernetes deployment now that they are set up.
## flask_app_deployment.yaml ##
apiVersion: apps/v1
kind: Deployment
metadata:
name: flask-app
spec:
replicas: 1
selector:
matchLabels:
app: flask
template:
metadata:
labels:
app: flask
spec:
containers:
- name: flask-app
image: your-flask-image
envFrom:
- configMapRef:
name: flask-config
- secretRef:
name: db-credentialsIn order to specify environment variables in the flask-app container, we’re referring to the ConfigMap and Secret we created earlier in this Deployment Manifest.
Using Ansible, deploy this application:
## playbook.yaml ##
---
- name: Deploy Flask App
hosts: localhost
tasks:
- name: Apply Deployment
kubectl:
action: apply
src: flask_app_deployment.yamlConclusion
Managing Kubernetes configurations and environment variables is simple and repeatable using Ansible’s robust kubectl module. ConfigMaps and Secrets may be defined using YAML files and applied to the Kubernetes cluster using Ansible playbooks, enabling the deployment and scaling of containerized applications more effective and manageable. We can guarantee consistency across environments and lower the possibility of human mistake throughout the configuration process by automating these operations.
Reference :
https://manish-dixit.medium.com/ansible-automation-basics-655fd607eef6
