Skip to main content
Intercept a Kubernetes pod using Telepresence, mount its ConfigMap volume on your local machine, and access configuration data as if the service were running in-cluster.

Table of Contents

Prerequisites

  • Kubernetes cluster access with kubectl configured
  • Telepresence installed
  • A local .env file for environment variables
Ensure your kubectl context is pointing to the intended cluster before starting the intercept.

Node.js Service Example

The products service is an Express.js app that reads API_URL from environment variables: 
require('dotenv').config({ override: true });
const express = require("express");
const app = express();
const port = 8000;

const apiURL = process.env.API_URL;
console.log("API_URL:", apiURL);

const products = [
  {
    id: 1,
    name: "iPhone 14",
    price: 900,
    category: "electronics",
    onSale: false,
  },
];

app.get("/products", (req, res) => {
  res.json(products);
});

app.listen(port, () => {
  console.log(`Products service listening on port ${port}`);
});

Kubernetes Deployment with ConfigMap Volume

Deploy the products-depl Deployment and mount a ConfigMap called db-info at /tmp: 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: products-depl
spec:
  selector:
    matchLabels:
      app: products
  template:
    metadata:
      labels:
        app: products
    spec:
      volumes:
        - name: db-config
          configMap:
            name: db-info
      containers:
        - name: products
          image: sanjeevkt720/telepresence-products
          imagePullPolicy: Always
          ports:
            - containerPort: 8000
              name: web
          volumeMounts:
            - name: db-config
              mountPath: /tmp
          env:
            - name: API_URL
              value: "http://api.example.com"

ConfigMap Definition

Define your database connection details in a ConfigMap: 
apiVersion: v1
kind: ConfigMap
metadata:
  name: db-info
data:
  DB_HOST: "prod.db"
  DB_USERNAME: "myusername123"
  DB_PASSWORD: "mypassword123"
KeyValue
DB_HOSTprod.db
DB_USERNAMEmyusername123
DB_PASSWORDmypassword123

Intercepting with Telepresence and Mounting Volumes

  1. Check for existing intercepts: 
    telepresence list
  2. Create an intercept on port 8000, inject your .env, and mount the pod’s volumes: 
    telepresence intercept products-depl \
  --port 8000 \
  --env-file .env \
  --mount
Redirecting service traffic through your local machine may impact production workloads. Proceed with caution.
Example output (identifiers will vary): 
Using Deployment products-depl
  Intercept name          : products-depl
  State                   : ACTIVE
  Workload kind           : Deployment
  Destination             : 127.0.0.1:8000
  Service Port Identifier : 8000/TCP
  Volume Mount Point      : /tmp/telfs-2391723209
  Intercepting            : all TCP connections

Exploring the Mounted Volume

In a new terminal: 
cd /tmp/telfs-2391723209/tmp
ls
cat DB_HOST
# prod.db
You now have file-based access to the ConfigMap data.

Customizing the Local Mount Path

  1. End the current intercept: 
    telepresence leave products-depl
  2. Start a new intercept with a custom mount location: 
    telepresence intercept products-depl \
  --port 8000 \
  --env-file .env \
  --mount=/tmp/example123
Files now appear under /tmp/example123/tmp: 
cd /tmp/example123/tmp
ls
# DB_HOST  DB_PASSWORD  DB_USERNAME
Adjust your application or use symbolic links to consume these local files seamlessly.

References

Watch Video