Kubernetesdevops~5 mins

Immutable ConfigMaps in Kubernetes - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

ConfigMaps store configuration data for applications in Kubernetes. Making ConfigMaps immutable prevents accidental changes, ensuring stable and predictable app behavior.

When you want to prevent accidental updates to configuration data that could disrupt running applications.

When multiple pods share the same configuration and you want to ensure consistency without changes.

When you want to improve security by disallowing modifications to sensitive configuration after deployment.

When you want to avoid frequent reloads or restarts caused by ConfigMap changes.

When you want to track configuration changes by creating new ConfigMaps instead of editing existing ones.

Config File - immutable-configmap.yaml

immutable-configmap.yaml

apiVersion: v1
kind: ConfigMap
metadata:
  name: example-config
immutable: true
data:
  app.properties: |
    log_level=info
    max_connections=100

This file creates a ConfigMap named example-config with two configuration settings.

The key immutable: true makes this ConfigMap unchangeable after creation.

The data section holds the configuration values used by applications.

Commands

This command creates the immutable ConfigMap in the Kubernetes cluster using the configuration file.

Terminal

kubectl apply -f immutable-configmap.yaml

Expected OutputExpected

configmap/example-config created

This command retrieves the full YAML definition of the ConfigMap to verify it was created and is immutable.

Terminal

kubectl get configmap example-config -o yaml

Expected OutputExpected

apiVersion: v1 data: app.properties: |- log_level=info max_connections=100 immutable: true kind: ConfigMap metadata: creationTimestamp: "2024-06-01T12:00:00Z" name: example-config namespace: default resourceVersion: "12345" uid: 123e4567-e89b-12d3-a456-426614174000

→

-o yaml - Outputs the ConfigMap in YAML format for detailed inspection

This command attempts to edit the immutable ConfigMap, which should fail to prevent changes.

Terminal

kubectl edit configmap example-config

Expected OutputExpected

error: ConfigMap "example-config" is immutable and cannot be updated

Key Concept

If you remember nothing else from this pattern, remember: setting immutable: true on a ConfigMap locks its data to prevent accidental or unauthorized changes.

Common Mistakes

Trying to edit an immutable ConfigMap directly with kubectl edit.

The edit command fails because the ConfigMap is locked and cannot be changed after creation.

Create a new ConfigMap with a different name and update your pods to use the new ConfigMap.

Not setting immutable: true and accidentally changing ConfigMap data causing app instability.

Without immutability, ConfigMaps can be changed anytime, which may cause unexpected app behavior or reloads.

Set immutable: true to lock the ConfigMap and enforce controlled updates.

Summary

Create a ConfigMap with the immutable: true field to lock its data.

Verify the ConfigMap is immutable by retrieving it with kubectl get.

Attempting to edit an immutable ConfigMap will fail, enforcing stability.

To update configuration, create a new ConfigMap and update pods accordingly.