What Is a ConfigMap in Kubernetes?
A ConfigMap is a Kubernetes object that stores non-confidential configuration data as key-value pairs. Pods consume ConfigMaps as environment variables, command-line arguments, or mounted configuration files, decoupling configuration from container images.
Detailed Answer
A ConfigMap is a Kubernetes API object that stores non-confidential configuration data as key-value pairs. It allows you to keep configuration separate from your container images, making applications portable across environments (dev, staging, production).
Creating a ConfigMap
From a YAML manifest:
apiVersion: v1
kind: ConfigMap
metadata:
name: app-config
namespace: default
data:
DATABASE_HOST: "postgres.default.svc.cluster.local"
DATABASE_PORT: "5432"
LOG_LEVEL: "info"
MAX_CONNECTIONS: "100"
app.properties: |
server.port=8080
server.context-path=/api
spring.profiles.active=production
From the command line:
# From literal values
kubectl create configmap app-config \
--from-literal=DATABASE_HOST=postgres.default.svc.cluster.local \
--from-literal=LOG_LEVEL=info
# From a file
kubectl create configmap nginx-config --from-file=nginx.conf
# From a directory
kubectl create configmap config-bundle --from-file=./config-dir/
Consuming ConfigMaps as Environment Variables
apiVersion: v1
kind: Pod
metadata:
name: app
spec:
containers:
- name: app
image: myapp:v2
env:
# Single key from ConfigMap
- name: DATABASE_HOST
valueFrom:
configMapKeyRef:
name: app-config
key: DATABASE_HOST
# Another key
- name: LOG_LEVEL
valueFrom:
configMapKeyRef:
name: app-config
key: LOG_LEVEL
resources:
requests:
cpu: "250m"
memory: "256Mi"
Or inject all keys at once:
spec:
containers:
- name: app
image: myapp:v2
envFrom:
- configMapRef:
name: app-config
Consuming ConfigMaps as Volumes
apiVersion: v1
kind: Pod
metadata:
name: app
spec:
containers:
- name: app
image: myapp:v2
volumeMounts:
- name: config-volume
mountPath: /etc/app/config
readOnly: true
resources:
requests:
cpu: "250m"
memory: "256Mi"
volumes:
- name: config-volume
configMap:
name: app-config
Each key in the ConfigMap becomes a file in /etc/app/config/:
/etc/app/config/DATABASE_HOST(contains "postgres.default.svc.cluster.local")/etc/app/config/LOG_LEVEL(contains "info")/etc/app/config/app.properties(contains the multiline properties)
Selecting Specific Keys
Mount only certain keys as files:
volumes:
- name: config-volume
configMap:
name: app-config
items:
- key: app.properties
path: application.properties
This creates a single file at /etc/app/config/application.properties.
Update Behavior
| Consumption Method | Auto-Updates? | Notes | |---|---|---| | Environment variable | No | Pod restart required | | Volume mount | Yes | Updated within kubelet sync period (default ~60s) | | SubPath volume mount | No | SubPath breaks the symlink-based update mechanism |
Limitations
- Size limit: ConfigMaps cannot exceed 1 MiB
- Namespace-scoped: Cannot be shared across namespaces
- No encryption: Data is stored in plaintext in etcd — do not store secrets
- No templating: Values are static strings — no variable interpolation
Why Interviewers Ask This
Interviewers ask this to verify you understand the Kubernetes pattern of separating configuration from application code, which is fundamental to building portable, maintainable workloads.
Common Follow-Up Questions
Key Takeaways
- ConfigMaps decouple configuration from container images, enabling environment-specific settings.
- They can be consumed as environment variables, volume mounts, or command-line arguments.
- ConfigMaps are namespace-scoped and limited to 1 MiB in size.