DeveloperPlayBook
Python
Python
  • Introduction
  • Architecture
    • Technology Stack
    • ADR Records
  • Design
  • Bootstraping
  • Development Environment
    • Accounts (AWS, GCP, CircleCI)
  • Services/API
    • Serverless
    • Containers
    • Python
    • Firebase
    • Chatbots
    • Testing
  • Frontend
    • Serverless
    • Containers
    • Chatbot
  • Plattform
  • IAM - IAMaaS
  • Persistance - DBaaS
    • Serverless
    • Container
  • Event Driven / Streaming aaS
    • Kinesis
  • AI - AIaaS
  • Production / Reliability Engineering
  • create-k8s-secrets
  • VI
  • Tools
Powered by GitBook
On this page

create-k8s-secrets

PreviousProduction / Reliability EngineeringNextVI

Last updated 6 years ago

-> use Creating a Secret Manually

Encode the values base64 / better use visual studio code plugin Encode Decode (Convert Section)

echo -n "admin" | base64

! in kubernetes the env variables are authomatically decoded !

create secret file in a folder without version control

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm

encrypt the folder with gpg

install gpg tools:

create to following aliases in .zshrc:

alias lock-secret-files="cd ~/Desktop/ && gpg-zip -e -o secret-files -r den.seidel@gmail.com secret && mv -f ~/Desktop/secret-files ~/Google\ Drive/backupx/ && rm -rf ~/Desktop/secret"

alias unlock-secret-files="cd ~/Desktop && gpg-zip -d ~/Google\ Drive/backupx/secret-files -r den.seidel@gmail.com"

create secret in kubernetes (secrets muss be in the same namespace as the pod!)

kubectl create --namespace=default -f ./secret.yaml

in kubernetes

https://kubernetes.io/docs/concepts/configuration/secret/
https://gpgtools.org/
https://www.gnupg.org/documentation/manuals/gnupg/gpg_002dzip.html