ryanjbaxter / demo-bot-repo


Config watcher issue demo #3

Open ryanjbaxter opened 1 year ago

ryanjbaxter commented 1 year ago

Hi, I'm trying to implement spring cloud kubernetes in our projects. My main goals are to read configMap, secrets and enable reload using spring cloud kubernetes config watcher.

Since there are very few examples available about how to use spring cloud for kubernetes apps, I read the documentation and figured out how to read secrets and configmap from k8s. There are 2 ways you can read these, i.e.

  1. Volume mount
  2. Kubernetes API

The 2nd one is not recommended due to security problems which can occur, so I'm preferring the 1st one. But when it comes to reloading properties using the watcher, there are zero examples available with spring boot 3.x.

While using below properties in bootstrap.properties I get below warning logs:

bootstrap.properties

spring.cloud.kubernetes.discovery.enabled=false
spring.cloud.kubernetes.secrets.paths=/etc/secrets/secret-k8s
spring.cloud.kubernetes.secrets.fail-fast=true
spring.cloud.kubernetes.secrets.enabled=true

warning log

o.s.c.k.c.c.SecretsPropertySourceLocator : path support is deprecated and will be removed in a future release. Please use spring.config.import

But I couldn't find any help about how to use this property with kubernetes using volume mounts.

Second thing is, if possible, could you please share an example of a watcher with spring boot 3.x which should update the mounted volume (secret/configmap)?

build.gradle

dependencies {
  implementation 'org.springframework.boot:spring-boot-starter-actuator'
  implementation 'org.springframework.boot:spring-boot-starter-web'
  implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-kubernetes-fabric8-config', version: '3.0.4'
  compileOnly 'org.projectlombok:lombok'
  annotationProcessor 'org.projectlombok:lombok'
  testImplementation 'org.springframework.boot:spring-boot-starter-test'
}

ryanjbaxter commented 1 year ago

To read configMap and secrets using volume mounts in Spring Cloud Kubernetes, you can follow these steps:

  1. Mount the configMap and secret as volumes in your deployment configuration YAML file:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: your-deployment
spec:
  template:
    spec:
      volumes:
        - name: config-volume
          configMap:
            name: your-configmap
        - name: secret-volume
          secret:
            secretName: your-secret
      containers:
        - name: your-container
          image: your-image
          volumeMounts:
            - name: config-volume
              mountPath: /etc/config
            - name: secret-volume
              mountPath: /etc/secrets
  2. In your application, use the spring.config.import property to import the mounted configMap and secret:
spring.config.import=file:/etc/config/application.properties,file:/etc/secrets/application-secrets.properties

This way, the properties from the mounted files will be loaded into your Spring Boot application.

Regarding the warning log you're seeing, it's suggesting to use spring.config.import instead of the deprecated spring.cloud.kubernetes.secrets.paths property. The updated property should look like:

spring.config.import=file:/etc/secrets/secret-k8s.properties

Regarding the watcher to update the mounted volumes (configMap/secret), you can use the @RefreshScope annotation in your Spring Boot application. Here's an example:

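import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

// @RefreshScope makes Spring recreate this bean after a refresh event,
// so the @Value field is re-injected from the reloaded environment.
@RestController
@RefreshScope
public class MyController {

  @Value("${my.property}")
  private String myProperty;

  // Returns the current value; do not expose secret-backed properties this way.
  @GetMapping("/property")
  public String getProperty() {
    return myProperty;
  }
}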

When a refresh event is triggered, the myProperty value will be updated with the latest value from the mounted volume.

Note: Make sure you have the necessary dependencies in your build.gradle file as you mentioned in your question.
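
One way to trigger the refresh event for the volume mounts discussed in this thread, as an added example that is not code from the issue or from Spring Cloud Kubernetes: watch each mount directory for the kubelet's `..data` symlink swap and call `ContextRefresher.refresh()`. `MountedVolumeRefresher` is a hypothetical class name, the mount paths are the ones from the Deployment above, and the volumes are assumed to be mounted without `subPath` (subPath mounts do not receive updates).

```java
// Added example; MountedVolumeRefresher is a hypothetical name, not part of any library.
import java.io.IOException;
import java.nio.file.*;
import java.util.List;
import java.util.Set;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.cloud.context.refresh.ContextRefresher;
import org.springframework.context.event.EventListener;
import org.springframework.stereotype.Component;

@Component
public class MountedVolumeRefresher {
  private static final Logger log = LoggerFactory.getLogger(MountedVolumeRefresher.class);
  // Mount paths taken from the Deployment in the answer above.
  private static final List<Path> MOUNTS = List.of(Path.of("/etc/config"), Path.of("/etc/secrets"));
  private final ContextRefresher refresher;

  public MountedVolumeRefresher(ContextRefresher refresher) { this.refresher = refresher; }

  @EventListener(ApplicationReadyEvent.class)
  public void start() throws IOException {
    WatchService ws = FileSystems.getDefault().newWatchService();
    for (Path mount : MOUNTS) mount.register(ws, StandardWatchEventKinds.ENTRY_CREATE);
    Thread t = new Thread(() -> watch(ws), "mounted-volume-watcher");
    t.setDaemon(true); // do not block JVM shutdown
    t.start();
  }

  private void watch(WatchService ws) {
    try {
      while (true) {
        WatchKey key = ws.take();
        boolean swapped = false;
        for (WatchEvent<?> e : key.pollEvents()) {
          // The kubelet publishes an update by renaming a new "..data" symlink into place.
          swapped |= "..data".equals(String.valueOf(e.context()));
        }
        key.reset();
        if (!swapped) continue;
        try {
          Set<String> changed = refresher.refresh(); // reloads config data, resets @RefreshScope beans
          log.info("Reloaded mounted config, changed keys: {}", changed); // key names only, never values
        } catch (RuntimeException ex) {
          log.warn("Refresh after volume update failed", ex);
        }
      }
    } catch (InterruptedException ex) { Thread.currentThread().interrupt(); }
  }
}
```

Because the pod only reads files the kubelet projects into it, this approach needs no RBAC permission to read Secrets through the Kubernetes API.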