Deploying a Node.js web app with MongoDB on Kubernetes. The app connects to Mongo using credentials stored in a Secret and the service URL stored in a ConfigMap — instead of hardcoding anything in the app config.
mongo-config.yaml → ConfigMap : holds the mongo service URL
mongo-secret.yaml → Secret : holds mongo credentials (base64 encoded)
mongo.yaml → Deployment + Service for MongoDB
webapp.yaml → Deployment + Service for the Node.js app
Configs and Secrets first — before deploying anything, the ConfigMap and Secret need to exist in the cluster because both Deployments reference them.
mongo-config.yaml
Just one key: mongo-url: mongo-service. This is the internal DNS name Kubernetes assigns to the Mongo Service. The webapp reads this to know where to connect.
mongo-secret.yaml
Stores mongo-user and mongo-password as base64 encoded values. Kubernetes Secrets use Opaque type for arbitrary key-value data like this.
mongo.yaml
MongoDB Deployment running mongo:8.2 on port 27017, with 1 replica. The root username and password are pulled directly from the Secret using secretKeyRef — so no plain text credentials in the deployment config. The Service (mongo-service) is ClusterIP by default, meaning it's only reachable inside the cluster.
webapp.yaml
Node.js app (nanajanashia/k8s-demo-app:v1.0) running on port 3000. It gets:
USER_NAMEandUSER_PWDfrom the Secret (same keys mongo uses for root credentials)DB_URLfrom the ConfigMap (points tomongo-service)
The Service is NodePort, exposed on port 30100 — so you can hit the app from outside the cluster at <NodeIP>:30100.
Secrets and ConfigMap must be applied before the Deployments, otherwise the pods will fail to start.
kubectl apply -f mongo-config.yaml
kubectl apply -f mongo-secret.yaml
kubectl apply -f mongo.yaml
kubectl apply -f webapp.yamlkubectl get pods
kubectl get servicesAccess the app at http://<NodeIP>:30100