如何从 Kubernetes Pod 检查 Node.js 环境变量

Question

I have containerized node.js application into kubernetes pod. To set few of the Environment variables, I have created.env.k8 file and setting up few env variables there.

While building the image, I am choose this file as --env =k8 in docker build command. Suppose, I have set one ENV Varible in that.env.k8 file as URL ="abc.com"

Image is getting created and pod is up. I need to check if the process.env.URL is set as per my.env.k8 file. Is there any way from pod, I can check if the Env variables are set correctly.

I exec into running container and used commond printenv. It is not showing the process env variables for node.js application, it is showing Env variables set for POD.

So how to check process.env variables from a kubernetes pod of the same

Answer 1

You will have to define create a configMap from your.env file and mount it in your app's root.

kubectl create configmap nodejs-env --from-file=.env.k8 

When properly mounted, the.env file will set the env variables for your Node.js application

# NodoJS app Deployment using above config map

apiVersion: app/v1
kind: Deployment
metadata:
  name: nodejs-app
  namespace: production
spec:
  replicas: 8
  selector:
    matchLabels:
      app: nodejs-app
  template:
    metadata:
      labels:
        app: nodejs-app
    spec:
      containers:
      - name: nodejs-app
        image: nodejs-app:3.2.0
        ports:
          containerPort: 80
        volumeMounts:
        - name: nodejs-env-file
          mountPath: /app/.env
          readOnly: true
    volumes:
    - name: nodejs-env-file
      configMap:
        name: nodejs-env

Reference: https://www.cloudytuts.com/tutorials/kubernetes/how-to-configure-node-based-apps-in-kubernetes/

Answer 2

Some monitors needs an endpoint in our apps to show a dashboard with stats or metrics.

In java, the most secure and complete framework called spring offer a feature called actuator that expose a lot of http endpoints. One of them is able to show the environment variables. You can disable this feature or set a security credentials for production

Also in python, django framework, when the debug variable is true, on any error, an html page is displayed with the stacktrace of the error plus environment variables.

So, is not a crazy idea to have this feature in nodejs. You just need to add a simple express route and return the process.env

app.get("/meta/vars", function(req, res){
    if ( some_security_logic || process.env.NODE_ENV ==  "PROD") { 
      return req.send({});
    }
    req.send(process.env);
});

Configuration Manager

Variables to be used at runtime but exposed at build time is not a good practice because breaks one of the docker features: One build for any environments: dev, stagging, production, etc

To have variables in files like: .env.properties.ini or any extension, requires a manually write task performed by a human. This breaks the devops automation . Also needs some storage like git repository which is another bad practice.

At this point I advice you to use some application wich is responsible to manage all the variables of all the applications in your company. This app must be secure and offer features like hide password, encrypt sensitive values and a secure way to consume these variables by a specific application. Here some options:

• spring cloud
• zookeeper
• configurator

With a tool like previous options, you don't need to add manually variables at build time. Your app just need to obtain its variables consuming a secure http endpoint published by the Configuration Manager Platform.