⚙️utilNX
GitHub

Kubernetes ConfigMap Builder

Select what you want to store, add your entries, and get ready-to-apply YAML with kubectl commands.

100% client-side — your configuration never leaves your browser.

Quick Start — Try a template

1 — Select storage type(s)

2 — ConfigMap metadata

How to use this tool

What are Kubernetes ConfigMaps?

A Kubernetes ConfigMap is an API object used to store non-confidential configuration data in key-value pairs. ConfigMaps decouple environment-specific configuration from container images, so you can change configuration without rebuilding your application. They can store individual values, entire configuration files, or JSON/YAML blobs.

Data Storage Types

Environment VariablesenvFrom / env

Key-value pairs injected directly as environment variables in your containers. Use envFrom to inject all keys at once, or env with configMapKeyRef to pick specific keys. Best for application settings like APP_PORT, LOG_LEVEL, FEATURE_FLAGS.

Configuration Filesvolume mount

Multiline values (YAML, JSON, .properties, nginx.conf) stored as ConfigMap entries and mounted as files inside the container. Each key becomes a filename at the mount path. Ideal for application.yml, nginx.conf, prometheus.yml.

Literal Valuesdata:

Simple key-value pairs for plain configuration. Values are stored directly in data: and accessed as environment variables. The simplest storage format for small configuration like database hostnames, feature toggle values, and application modes.

How Pods Consume ConfigMaps

As Environment Variables

Use envFrom.configMapRef to inject all keys, or env.valueFrom.configMapKeyRef for specific keys. Changes require a Pod restart to take effect.

As Mounted Volumes

Mount the ConfigMap as a volume at a specified path. Each key becomes a file. Changes propagate automatically (with a delay) without restarting the Pod. Required for config files.

ConfigMap vs Secret

ConfigMap

For non-sensitive configuration: app settings, feature flags, URLs, ports, config files. Data is stored in plain text. No size restriction beyond the 1MB etcd limit. Visible to anyone with RBAC access to the namespace.

Secret

For sensitive data: passwords, API keys, TLS certificates, SSH keys. Data is base64-encoded (not encrypted by default). Has stricter RBAC defaults and can be encrypted at rest. Use our Secret Builder for these.

Immutable ConfigMaps

Setting immutable: true prevents the ConfigMap from being updated after creation. This protects against accidental configuration changes in production and improves cluster performance — the API server skips watching immutable ConfigMaps, reducing load significantly in clusters with many ConfigMaps. To update, delete and recreate.

Best Practices

  • Keep ConfigMaps under 1MB — this is the etcd storage limit per object.
  • Use meaningful names that describe the configuration purpose, e.g. app-config, nginx-config.
  • Separate configuration by environment (dev, staging, prod) using namespaces or naming conventions.
  • Use immutable ConfigMaps in production to prevent accidental changes and reduce API server load.
  • Use configMapKeyRef for specific keys and envFrom for injecting all keys as environment variables.
  • Never store sensitive data in ConfigMaps — use Kubernetes Secrets or an external secrets manager instead.

Made with ❤️ by tinkerers

utilNX