3.7.0
What's New in ioFog 3.7.0?Core ConceptsArchitectureQuick Start With Local Deployment
IntroductionDownloadGetting FamiliarResource ManagementConnect/DisconnectLegacy
CLI Reference
iofogctliofogctl attachiofogctl attach agentiofogctl attach edge-resourceiofogctl attach execiofogctl attach exec agentiofogctl attach exec microserviceiofogctl attach volume-mountiofogctl completioniofogctl completion bashiofogctl completion fishiofogctl completion powershelliofogctl completion zshiofogctl configureiofogctl connectiofogctl createiofogctl create namespaceiofogctl deleteiofogctl delete agentiofogctl delete alliofogctl delete application-templateiofogctl delete applicationiofogctl delete catalogitemiofogctl delete certificateiofogctl delete configmapiofogctl delete controlleriofogctl delete edge-resourceiofogctl delete microserviceiofogctl delete namespaceiofogctl delete nats-account-ruleiofogctl delete nats-user-ruleiofogctl delete registryiofogctl delete roleiofogctl delete rolebindingiofogctl delete secretiofogctl delete serviceiofogctl delete serviceaccountiofogctl delete volume-mountiofogctl delete volumeiofogctl deployiofogctl describeiofogctl describe agent-configiofogctl describe agentiofogctl describe application-templateiofogctl describe applicationiofogctl describe certificateiofogctl describe configmapiofogctl describe controlleriofogctl describe controlplaneiofogctl describe edge-resourceiofogctl describe microserviceiofogctl describe namespaceiofogctl describe nats-account-ruleiofogctl describe nats-accountiofogctl describe nats-user-ruleiofogctl describe nats-useriofogctl describe registryiofogctl describe roleiofogctl describe rolebindingiofogctl describe secretiofogctl describe serviceiofogctl describe serviceaccountiofogctl describe system-microserviceiofogctl describe volume-mountiofogctl describe volumeiofogctl detachiofogctl detach agentiofogctl detach edge-resourceiofogctl detach execiofogctl detach exec agentiofogctl detach exec microserviceiofogctl detach volume-mountiofogctl disconnectiofogctl execiofogctl exec agentiofogctl exec microserviceiofogctl getiofogctl legacyiofogctl logsiofogctl moveiofogctl move agentiofogctl move microserviceiofogctl natsiofogctl nats accountsiofogctl nats accounts ensureiofogctl nats operatoriofogctl nats operator describeiofogctl nats usersiofogctl nats users create-mqtt-beareriofogctl nats users createiofogctl nats users credsiofogctl nats users delete-mqtt-beareriofogctl nats users deleteiofogctl pruneiofogctl prune agentiofogctl rebuildiofogctl rebuild microserviceiofogctl rebuild system-microserviceiofogctl renameiofogctl rename agentiofogctl rename applicationiofogctl rename controlleriofogctl rename edge-resourceiofogctl rename microserviceiofogctl rename namespaceiofogctl rollbackiofogctl startiofogctl start applicationiofogctl start microserviceiofogctl stopiofogctl stop applicationiofogctl stop microserviceiofogctl upgradeiofogctl versioniofogctl view
IntroductionPrepare Your NetworkPrepare Realm and OIDC ClientKeycloak DeploymentPrepare Your Remote HostsRemote Control PlaneKubernetes Prepare ClusterExternal Database DeploymentKubernetes iofogctlSetup Your AgentsAirgap Deployment
Securing ClusterRolesRole BindingsCertificates ManagerNATs Account RuleNATs User RuleNATs JWT Authentication
IntroductionAgent ConfigurationAttach/DetachVolumesDocker Image PruningUpgrade/Rollback
IntroductionApplication TemplatesMicroservice Lifecycle ManagementMicroservice LogsMicroservice Move/RenameMicroservice Registry Catalog
YAML KindsControl PlaneAgentApplicationApplication TemplateRegistryCatalogOfflineImageSecretCertificateConfigMapVolumeMountServiceRoleRoleBindingNatsAccountRuleNatsUserRule
ECN Viewer
OverviewConfigurationREST API
OverviewCLI UsageLocal APIConfigurationAgent Logs
HALREST Blue
GuidelinesCode of Conduct

ConfigMap YAML Specification

iofogctl allows users to deploy and manage configMaps.

The configMap has a very simple definition

apiVersion: iofog.org/v3
kind: ConfigMap
metadata:
  name: test-configMap
spec:
  immutable: false
data:
  key1: value1  
  key2: value2
apiVersion: iofog.org/v3
kind: ConfigMap
metadata:
  name: test-nats-configmap
spec:
  immutable: true
data:
  accounts.conf: |
    accounts: {
      USERS: {
        users: [
          {user: test, password: test}
        ],
        jetstream: enabled
      }
    }
  nats-server.conf: |
    port: 4222
    server_name: test-leaf
    jetstream {
      store_dir="./store_leaf"	
        domain: test
    }
    leafnodes {
        remotes = [
            {
                urls: ["nats://test:test@example.online:7422"]
                account: "USERS"
                tls: {
                    ca_file: "/etc/nats/certs/leafnodes/ca.crt"
                    cert_file: "/etc/nats/certs/leafnodes/tls.crt"
                    key_file: "/etc/nats/certs/leafnodes/tls.key"
                    verify: true
                    handshake_first: true
                }
            },
        ]
    }
    mqtt {
      port: 1884 
    }
Field Description
spec.immutable Is configMap immutable? true or false
spec.useVault Optional. When true, ConfigMap values can be resolved from a vault backend instead of static data.
data ConfigMap data with key value pairs (or vault references when useVault is enabled).

Vault integration

ConfigMap supports vault integration so that sensitive or dynamic values can be pulled from an external secrets store instead of storing them literally in the spec. When useVault (or the equivalent option) is enabled, the Controller can resolve ConfigMap keys from supported backends, including:

  • HashiCorp Vault
  • OpenBao
  • AWS Secrets Manager
  • Google Secret Manager
  • Azure Key Vault

Configuration for vault connection (endpoint, auth, path) is typically provided via Controller configuration or environment variables. Refer to the Controller documentation for the exact vault-related settings.