0

I have containerized node.js application into kubernetes pod. To set few of the Environment variables, I have created .env.k8 file and setting up few env variables there.

While building the image, I am choose this file as --env =k8 in docker build command. Suppose, I have set one ENV Varible in that .env.k8 file as URL ="abc.com"

Image is getting created and pod is up. I need to check if the process.env.URL is set as per my .env.k8 file. Is there any way from pod, I can check if the Env variables are set correctly.

I exec into running container and used commond printenv. It is not showing the process env variables for node.js application, it is showing Env variables set for POD.

So how to check process.env variables from a kubernetes pod of the same

Improve this question
6
  • The node.env variables are provided during the build, there is no way to access env variables from runtime. The only way is to create a logic which will return env variables Commented Jun 1, 2021 at 13:15
  • I dont want to access it. I just want to verify if it is getting set properly during build. Is there any way of doing it? Commented Jun 1, 2021 at 13:17
  • without writing additional code - no, it is done for security reasons Commented Jun 1, 2021 at 13:19
  • ok. Thanks for the information. Now checking how to create a logic or additional code to verify Env variables Commented Jun 1, 2021 at 13:21
  • You can use npmjs.com/package/dotenv-safe it can verify your env variables are set properly, and will not allow to run app otherwise Commented Jun 1, 2021 at 13:23

2 Answers 2

Reset to default
1

You will have to define create a configMap from your .env file and mount it in your app's root.

kubectl create configmap nodejs-env --from-file=.env.k8

When properly mounted, the .env file will set the env variables for your Node.js application

# NodoJS app Deployment using above config map

apiVersion: app/v1
kind: Deployment
metadata:
  name: nodejs-app
  namespace: production
spec:
  replicas: 8
  selector:
    matchLabels:
      app: nodejs-app
  template:
    metadata:
      labels:
        app: nodejs-app
    spec:
      containers:
      - name: nodejs-app
        image: nodejs-app:3.2.0
        ports:
          containerPort: 80
        volumeMounts:
        - name: nodejs-env-file
          mountPath: /app/.env
          readOnly: true
    volumes:
    - name: nodejs-env-file
      configMap:
        name: nodejs-env

Reference: https://www.cloudytuts.com/tutorials/kubernetes/how-to-configure-node-based-apps-in-kubernetes/

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Some monitors needs an endpoint in our apps to show a dashboard with stats or metrics.

In java, the most secure and complete framework called spring offer a feature called actuator that expose a lot of http endpoints. One of them is able to show the environment variables. You can disable this feature or set a security credentials for production

Also in python, django framework, when the debug variable is true, on any error, an html page is displayed with the stacktrace of the error plus environment variables.

So, is not a crazy idea to have this feature in nodejs. You just need to add a simple express route and return the process.env

app.get("/meta/vars", function(req, res){
    if ( some_security_logic || process.env.NODE_ENV ==  "PROD") { 
      return req.send({});
    }
    req.send(process.env);
});

Configuration Manager

Variables to be used at runtime but exposed at build time is not a good practice because breaks one of the docker features: One build for any environments: dev, stagging, production, etc

To have variables in files like: .env .properties .ini or any extension , requires a manually write task performed by a human. This breaks the devops automation. Also needs some storage like git repository which is another bad practice.

At this point I advice you to use some application wich is responsible to manage all the variables of all the applications in your company. This app must be secure and offer features like hide password, encrypt sensitive values and a secure way to consume these variables by a specific application. Here some options:

With a tool like previous options, you don't need to add manually variables at build time. Your app just need to obtain its variables consuming a secure http endpoint published by the Configuration Manager Platform.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.