kubernetes
Kubernetes ConfigMap Generator
Generate a Kubernetes ConfigMap YAML from key-value pairs. Includes usage examples for envFrom and individual env var injection.
Kubernetes ConfigMaps
ConfigMaps decouple configuration from container images — you change config without rebuilding.
Two Injection Methods
# Method 1: All keys as environment variables
envFrom:
- configMapRef:
name: my-app-config# Method 2: Specific key as environment variable env:
- ›name: LOG_LEVEL
valueFrom: configMapKeyRef: name: my-app-config key: LOG_LEVEL
# Method 3: Mount as a file volumes:
- ›name: config
configMap: name: my-app-config volumeMounts:
- ›name: config
mountPath: /etc/config ```
Update a ConfigMap
kubectl edit configmap my-app-config -n default
# or
kubectl create configmap my-app-config --from-env-file=.env -o yaml --dry-run=client | kubectl apply -f -Namespaced — not shared across namespaces
A ConfigMap in default is invisible to pods in production. Create per-namespace or use Helm with environment-specific values.
Key Terms
Full glossary →kubeadm
A tool for bootstrapping Kubernetes clusters. It automates the setup of control plane components and joining worker nodes, following Kubernetes best practices.
etcd
A distributed key-value store used by Kubernetes to store all cluster state and configuration. etcd is the single source of truth for the entire cluster.
cert-manager
A Kubernetes controller for automating TLS certificate management. cert-manager can issue certificates from Let's Encrypt, Vault, or internal CAs, and automatically renews them.
Helm
A package manager for Kubernetes. Helm charts bundle Kubernetes manifests into reusable packages with configurable values, versioned and published to chart repositories.
Frequently Asked Questions
When should I use a ConfigMap vs a Secret?
ConfigMaps are for non-sensitive configuration: feature flags, log levels, service URLs, port numbers. Secrets are for sensitive data: passwords, API keys, TLS certificates. ConfigMap data is stored as plain text in etcd. Secret data is base64-encoded (not encrypted by default — enable encryption at rest for production clusters).
Does updating a ConfigMap immediately update running Pods?
Not automatically. Pods using envFrom (environment variables) only see the new values on restart — the env vars are set at container start time. Pods using volume mounts (ConfigMap as a file) do get automatic updates — kubelet polls and updates the mounted files. If you need hot-reload, mount the ConfigMap as a volume and have your app watch the file for changes.
What is the size limit for a ConfigMap?
1 MiB per ConfigMap (Kubernetes limit). For larger configs (e.g. a big nginx.conf or application.properties), split into multiple ConfigMaps, or use a Secret if the data is sensitive. For very large configs, consider a ConfigMap backed by an external source via the External Secrets Operator.
Can I use ConfigMaps for multi-line values like config files?
Yes. Use YAML block scalar syntax: key: | followed by indented lines. This is the standard way to inject full config files (nginx.conf, prometheus.yml, etc.) via ConfigMaps. The generator uses the simple key=value format — for file injection, edit the generated YAML to use block scalars.
Related Guides
kubernetes
CI/CD for Kubernetes with GitHub Actions: A Complete Guide (2026)
A practical walkthrough of building a full GitHub Actions pipeline that builds a container image, pushes it to a registry, and deploys to Kubernetes — with secrets handling, rollback, and Helm support.
kubernetes
ArgoCD vs Flux: Choosing a GitOps Tool for Kubernetes in 2026
A no-fluff comparison of ArgoCD and Flux for GitOps on Kubernetes — covering architecture, UI, Helm support, multi-tenancy, and when to pick each one.
kubernetes
Hetzner vs DigitalOcean for Kubernetes in 2026: An Honest Comparison
Hetzner is 3–5× cheaper than DigitalOcean for equivalent Kubernetes compute. But DO has managed K8s, better global coverage, and a larger app marketplace. Here's when each is the right choice.