Create a Knative service that can be requested to read data in a secret or a config map.
For the procedures here, I don't use Kubernetes client-go to access secrets or config maps. Instead, I am mounting the secret or config map to a pod through Knative and accessing that through the pod's volumes.
There are some advantages to not using client-go:
- minimize dependencies on third party packages
- minimize load on the Kubernetes API
- it is faster to access data in a mounted volume compared to sending an HTTP request to a server
This procedure assumes the following have been installed:
- Kubernetes and its
kubectlclient - Knative
I use Kind for my local Kubernetes development cluster. I used KonK to help install Knative.
-
Build with
kokowas created to help Knative developers build images and binaries without the need for Dockerfiles nor Makefiles. See more information in this Knative blog.Follow setup instructions at https://github.com/google/ko.
After installing ko, set the destination for images with an environment variable.
KO_DOCKER_REPO=my-dockerhub-user
Run the following command from the
kn-go-echodirectory. It will build and push the image to your local Docker daemon. To havekopublish and use a container image registry, remove the--localflag.ko publish --local --tags 0.1 --base-import-paths . -
Create secret
kubectl create secret generic secret-msg --from-file=messages/secret.toml
-
Create config map
kubectl create configmap cm-msg --from-file=messages/configmap.toml
-
Deploy read-secret-and-cm Knative service
kubectl apply -f knative.yaml
Note: Currently, the kn client does not support mounting secrets or config maps into pods. That is why we're using kubectl and Kubernetes manifests to create the Knative service and trigger.
-
Get the URL to the read-secret-and-cm service
NAME URL LATEST AGE CONDITIONS READY REASON read-secret-and-cm http://read-secret-and-cm.default.127.0.0.1.nip.io read-secret-and-cm-00001 17h 3 OK / 3 True
-
Go to the following endpoints from a browser to see the messages