env.dev

Kubernetes Environment Variables: ConfigMaps, Secrets & Pod Spec

How to configure environment variables in Kubernetes: inline env, ConfigMaps, Secrets, the downward API, and best practices for managing configuration at scale.

Last updated:

Loading…

Frequently Asked Questions

What is the difference between ConfigMaps and Secrets in Kubernetes?

ConfigMaps store non-sensitive configuration data as plain text key-value pairs. Secrets store sensitive data (passwords, tokens, keys) as base64-encoded values with additional access controls. Use ConfigMaps for feature flags and URLs, Secrets for credentials.

Do I need to restart pods after changing a ConfigMap?

Yes, if the ConfigMap is injected as environment variables. Kubernetes does not automatically restart pods when ConfigMaps change. Use kubectl rollout restart deployment/name or implement a config reloader like Reloader or stakater/Reloader.

How do I pass pod metadata as environment variables?

Use the downward API with valueFrom.fieldRef. You can expose the pod name (metadata.name), namespace (metadata.namespace), node name (spec.nodeName), pod IP (status.podIP), and labels/annotations.

Was this helpful?

Stay up to date

Get notified about new guides, tools, and cheatsheets.

Related Cheatsheets

Cheatsheet

YAML Syntax Cheat Sheet — Scalars, Collections & Gotchas

Quick reference for YAML syntax: strings, numbers, multiline values, sequences, mappings, anchors, aliases, and common gotchas like the Norway problem.

Cheatsheet

Nginx Cheat Sheet — Server Blocks, Proxy & SSL

Quick reference for Nginx: service management, server blocks, reverse proxy, load balancing, SSL/TLS, location matching, logging, and performance tuning.

Cheatsheet

GitHub Actions Cheat Sheet

Quick reference for GitHub Actions CI/CD: workflow syntax, triggers, jobs, matrix strategies, secrets, caching, artifacts, reusable workflows, and essential actions.

Related Guides

Docker Environment Variables: Dockerfile ENV, ARG & Runtime

How to use environment variables in Docker: ENV vs ARG in Dockerfile, docker run -e, --env-file, multi-stage builds, BuildKit secrets, and best practices.

GitHub Actions: Secrets vs Environment Variables

When to use repository secrets, environment secrets, and configuration variables in GitHub Actions. Includes workflow examples for Node.js, Python, and Docker.

Environment Variables Security: Secrets, Leaks & Best Practices

Why environment variables are not truly secure and what to do about it. Covers secret rotation, leak detection, client-side exposure risks, and when to use a dedicated secrets manager.