Lessons
Start
Start learning
CodeGym /Courses /Docker SELF /Working with configurations and secrets

Working with configurations and secrets

Docker SELF
Level 20 , Lesson 0
Available

6.1 The docker config Command

Docker offers built-in tools for managing configurations and secrets, making it safe and easy to handle configuration files and sensitive data in containers. These tools enhance security and simplify configuration management in distributed systems. In this lecture, we’ll dive into how to use the docker config and docker secret commands, showing examples and best practices.

Basics of configuration management

The docker config command lets you manage configuration files that can be used by services in Docker Swarm. Configurations provide an easy way to pass settings and application parameters.

Main commands of docker config

  1. docker config create — Create a new configuration
  2. docker config ls — List all configurations
  3. docker config inspect — Get information about a configuration
  4. docker config rm — Delete a configuration

Example of using docker config

Creating a configuration

To create a configuration, use the docker config create command. For example, let's create a configuration file for Nginx.

Java webinar

Create a file named nginx.conf:

nginx 

user www-data;
worker_processes auto;
pid /run/nginx.pid;
        
events {
    worker_connections 768;
}
        
http {
    server {
        listen 80;
        location / {
            return 200 'Hello, World!';
            add_header Content-Type text/plain;
        }
    }
}

Create the configuration in Docker:

Terminal 

docker config create nginx_config ./nginx.conf

2. Listing all configurations

To view all created configurations, use the docker config ls command:

Terminal 

docker config ls

Command output:

Terminal 

ID                                                                                       NAME           CREATED             UPDATED
f8f8ff8f8f8f8f8f8f8f8f8f8f8f8f8f8f8f8f8   nginx_config    10 seconds ago     10 seconds ago

3. Using a configuration in a service

Create a service using the created configuration:

Terminal 

docker service create --name nginx --config source=nginx_config,target=/etc/nginx/nginx.conf -p 8080:80 nginx

4. Deleting a configuration

To delete a configuration, use the docker config rm command:

Terminal 

docker config rm nginx_config

6.2 Command docker secret

The docker secret command lets you manage "secrets" like passwords, API keys, and certificates that can be securely used by services in Docker Swarm. Secrets are stored encrypted and are accessible only to the services that use them.

Main commands of docker secret

  1. docker secret create — Create a new secret
  2. docker secret ls — List all secrets
  3. docker secret inspect — Get information about a secret
  4. docker secret rm — Delete a secret

Example of using docker secret

1. Creating a Secret

To create a secret, use the docker secret create command. For example, let’s create a secret for the database password.

Create a file db_password.txt:

Text 

mysecretpassword

Create the secret in Docker:

Terminal 

docker secret create db_password ./db_password.txt

2. Listing All Secrets

To see all created secrets, use the docker secret ls command:

Terminal 

docker secret ls

Command output:

Terminal 

ID                                                                                    NAME           CREATED             UPDATED
f8f8ff8f8f8f8f8f8f8f8f8f8f8f8f8f8f8f8f8   db_password    10 seconds ago     10 seconds ago

3. Using a Secret in a Service

Create a service using the created secret:

Terminal 

docker service create --name postgres --secret db_password -e 
POSTGRES_PASSWORD_FILE=/run/secrets/db_password postgres

4. Deleting a Secret

To delete a secret, use the docker secret rm command:

Terminal 

docker secret rm db_password

6.3 Practical Examples and Best Practices

Practical examples and best practices

Example 1: Using Configurations and Secrets in a Web Application

Creating a Configuration File and a Secret

Terminal 

echo "user www-data;" > ./nginx.conf
echo "worker_processes auto;" >> ./nginx.conf
docker config create nginx_config ./nginx.conf

echo "mysecretpassword" > ./db_password.txt
docker secret create db_password ./db_password.txt

Creating Services that Use Configurations and Secrets

Terminal 

docker service create --name nginx --config source=nginx_config,target=/etc/nginx/nginx.conf -p 
8080:80 nginx

docker service create --name postgres --secret db_password -e 
POSTGRES_PASSWORD_FILE=/run/secrets/db_password postgres

Example 2: Updating the Configuration

Updating the Configuration File Contents

Modify the file nginx.conf:

nginx 

user www-data;
worker_processes 4;

Creating a New Version of the Configuration

Terminal 

docker config create nginx_config_v2 ./nginx.conf

Updating the Service with the New Configuration

Terminal 

docker service update --config-rm nginx_config --config-add 
source=nginx_config_v2,target=/etc/nginx/nginx.conf nginx
3
Task
Docker SELF, level 20, lesson 0
Locked
Creating and Using Nginx Configuration
Creating and Using Nginx Configuration
Open
3
Task
Docker SELF, level 20, lesson 0
Locked
Creating a secret for the database password
Creating a secret for the database password
Open
3
Task
Docker SELF, level 20, lesson 0
Locked
Updating Nginx Configuration
Updating Nginx Configuration
Open
3
Task
Docker SELF, level 20, lesson 0
Locked
Removing configuration and secret
Removing configuration and secret
Open
Comments
TO VIEW ALL COMMENTS OR TO MAKE A COMMENT,
GO TO FULL VERSION