Closed DazWilkin closed 6 years ago
Hi Daz,
I'm not 100% sure what you're asking, but I think you're asking if I'd recommend your approach?
If so, I'd have to say probably not. dotenv isn't really designed to be a production config injection tool, but instead a development fallback to emulate ENV based configuration set up in the 12 factor app style popularised by heroku. In common usage the call to Load
in production is meant to be a no-op.
I'm not very familiar with kubernetes so this advice is likely not very good, but I'd look to the example under section 3 in https://www.mirantis.com/blog/how-do-you-build-12-factor-apps-using-kubernetes/ to inject your configmap as environment variables. There are many valid critiques of using ENV variables for secrets and if those arguments apply to you, I'd recommend staying away from the dotenv family of tools.
@joho Thanks!
Yes, I was asking for your recommendation and proposing one way to incorporate this into K8s.
Reading your response, I agree that godotenv
is probably not suitable for Kubernetes deployments.
The solution I proposed is a reflection of how godotenv
is used locally but applied to Kubernetes.
Config remains externalized and provided through Kubernetes recommended Pod config mechanisms (ConfigMaps). It supports providing environment variables through env
properties on the pod spec and it will use env
properties from a config file if provided by godotenv
.
Glad I could help you clarify your thinking - good luck with you k8s setup!
@DazWilkin I think you are looking for something like this https://github.com/UKHomeOffice/kd
@DazWilkin is that working with kube secret?
Very useful, thank you!
I discovered
godotenv
through a Go sample that uses it. I'm working on running that solution on Kubernetes. One way to solve this with Kubernetes would be to add the.env
file to the container but this seems to defeat the principle of keeping config externalized.I used ConfigMaps and am sharing it here for consideration:
There's a limitation (!) in ConfigMaps which prevents using them to map a source file containing environment variables or other properties directly into container environment variables.
The workaround is to surface the ConfigMap's contents as a volume in the container but this then requires moving the
.env
(or similarly named file) to a separate directory.Move
.env.
to its own directory and revise the Golang reference. NB for convenience I'm using a relative reference here without "./" and I use an absolute reference in the container spec (step 3)Convert an existing
.env
to a ConfigMapThe container spec must then reference the ConfigMap (
env
) through a volume mount:This results in a container that will run on Kubernetes deriving its env settings from the pod during deployment. The same image may be used in multiple pods each using a different configuration.
Thoughts?