Examples
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
USER_NAME: YWRtaW4=
PASSWORD: MWYyZDFlMmU2N2Rm
---
apiVersion: v1
kind: ConfigMap
metadata:
name: configmap
data:
# Configuration values can be set as key-value properties
database: mongodb
database_uri: mongodb://localhost:27017
Explanation
Look pretty similar, don’t they. :-)
Source: https://stackoverflow.com/a/36925553
I’m the author of both of these features. The idea is that you should: Use Secrets for things which are actually secret like API keys, credentials, etc Use ConfigMaps for not-secret configuration data
The intention.
Source: https://stackoverflow.com/a/56411975
ConfigMaps are “unchanged” if the data hasn’t changed. Secrets are always “configured” - even if the file hasn’t changed
Both, ConfigMaps and Secrets store data as a key value pair. The major difference is, Secrets store data in base64 format meanwhile ConfigMaps store data in a plain text.
base64 is no protection at all.
Both are stored in the etcd service.
You should use “secrets” for username and password data and “configMaps” for URL type data. Sooner or later secrets may improve.