Kubernetes deployment con Ingress, Configmap y Secrets
4 de diciembre de 2025El Namespace organiza los recursos.
ConfigMap y Secret pasan variables de configuración y credenciales.
PV + PVC gestionan almacenamiento persistente.
Deployment + Service crean y exponen la app internamente.
Ingress + Nginx Controller permiten acceder desde fuera, usando el hostname myapp.local o la IP del LoadBalancer del controlador.
# 1. Namespace
00-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: myapp-namespace
# 2. ConfigMap
01-configmap.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: myapp-config
namespace: myapp-namespace
data:
APP_ENV: "production"
APP_MESSAGE: "Hola desde ConfigMap!"
# 3. Secret
02-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: myapp-secret
namespace: myapp-namespace
type: Opaque
data:
DB_PASSWORD: c3VwZXJwYXNzd29yZA== # "superpassword" en base64
API_KEY: YXBpa2V5MTIzNDU= # "apikey12345" en base64
# 4. PersistentVolume
03-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: app-pv
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/app
# 5. PersistentVolumeClaim
04-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: app-pvc
namespace: myapp-namespace
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
# 6. Deployment
05-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp-deployment
namespace: myapp-namespace
spec:
replicas: 2
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: nginx:latest
ports:
- containerPort: 80
env:
- name: APP_ENV
valueFrom:
configMapKeyRef:
name: myapp-config
key: APP_ENV
- name: APP_MESSAGE
valueFrom:
configMapKeyRef:
name: myapp-config
key: APP_MESSAGE
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: myapp-secret
key: DB_PASSWORD
- name: API_KEY
valueFrom:
secretKeyRef:
name: myapp-secret
key: API_KEY
volumeMounts:
- name: app-storage
mountPath: /usr/share/nginx/html/data
volumes:
- name: app-storage
persistentVolumeClaim:
claimName: app-pvc
# 7. Service
06-service.yaml
apiVersion: v1
kind: Service
metadata:
name: myapp-service
namespace: myapp-namespace
spec:
selector:
app: myapp
ports:
- port: 80
targetPort: 80
type: ClusterIP
# 8. Ingress
07-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: myapp-ingress
namespace: myapp-namespace
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
spec:
ingressClassName: nginx
rules:
- host: myapp.local
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: myapp-service
port:
number: 80
# 9. Ingress Nginx Controller (externo)
08-ingress-controller.yaml
apiVersion: v1
kind: Namespace
metadata:
name: ingress-nginx
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
replicas: 1
selector:
matchLabels:
app: ingress-nginx-controller
template:
metadata:
labels:
app: ingress-nginx-controller
spec:
containers:
- name: controller
image: registry.k8s.io/ingress-nginx/controller:v1.11.0
args:
- "/nginx-ingress-controller"
- "--ingress-class=nginx"
ports:
- containerPort: 80
- containerPort: 443
---
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx-controller
namespace: ingress-nginx
spec:
type: LoadBalancer
selector:
app: ingress-nginx-controller
ports:
- name: http
port: 80
targetPort: 80
- name: https
port: 443
targetPort: 443# Aplicar todo
kubectl apply -f .
