Programs control their operation often through configuration that is included with the software. Environment variables allow users to set these variables at runtime. But Docker containers can make things more complicated. So how do you pass environment variable to a container.
What are Environment Variables Used for?
Environment variables allow you to decouple the configuration from the application’s executable.For example, you wouldn’t want to store your production database password in your codebase—if you did, it would be visible from Git, and anyone with access to your code could take down your database.
Instead, you set it with an environment variable, which stores a simple key-value pair, and allows you to access the value inany application running in the same shell session (they’re not globally accessible). This also allows you to easily create different configurations for different environments. This could include having different keys for development and production databases or using a different endpoint of the API.
Setting these variables for Docker containers can be done in three main ways—with CLI arguments, .envconfig files or through docker-compose.
A Command Line Argument
This command is used to launch Docker container. docker runENV variables are accepted as arguments by. Simply run it with -eFlag, shorthand --envPass in the key=value pairing:
sudo docker run -e POSTGRES_USER='postgres' -e POSTGRES_PASSWORD='password' ...
If you have the environment variables already set up in the environment where you are running the command, you can simply pass them in by name.
// set variable POSTGRES_PASSWORD='password' // Use it later docker run -e POSTGRES_PASSWORD –ePOSTGRES_USER
Additional Security With a.env File
Passing variables with CLI arguments works great, but it has a downside—those variables are visible from the host. They’re logged in the command history, and visible in the process listing for the launched process.
Linux has a built in way to manage permissions for this—file access. The variables can be stored in an.envfile allows you to manage access to the file by setting file permissionschmod, Chown).
Make an .envEach variable should be on a separate line.
POSTGRES_PASSWORD='password' POSTGRES_USER='postgres' APPLICATION_URL='example.com'
Pass it on docker runWith the --env-fileflag:
docker run --envfile./envfile
Docker-Compose
Many people don’t launch Docker containers directly with Docker containers. docker runInstead, you can choose to use a docker-composeFile is used to configure multiple containers for a single application.
To pass environment variables to a container launched this way, you will have to configure the compose file to pass the session’s variables through to the Docker container. This configuration will pass the POSTGRES_USERVariable that is used to define the build environment and runtime environment. It also sets a default value if it doesn’t exist.
version: '3.1'
services:
my-service:
build:
context: .
args:
- POSTGRES_USER=${POSTGRES_USER:-default}
environment:
- POSTGRES_USER=${POSTGRES_USER:-default}
Before you can run, you will need to set the environment variables Docker-compose upOtherwise, it will not be capable of accessing them. You could store them in the compose file, but that’s usually tracked and versioned, which defeats the purpose of env variables.
Kubernetes
Kubernetes can manage hundreds of containers over a network. It still uses Docker, but you will only ever touch configuration, so passing environment variables directly won’t work.
Instead, you can specify them in the configuration of the Pod
apiVersion: v1
Kind:
metadata:
Name: Example
spec:
containers:
- ...
env:
- name: SERVICE_PORT
value: "80"
- name: SERVICE_IP
value: "172.17.0.1"
Kubernetes is complex and there are many different ways to interact with environment variables. Learn more at Read their guides on how to inject data into Pods.