💭 (90) Kubernetes Secrets In 5 Minutes! - Youtube

2023-10-30

Waylon Walker

Tags

infra, k8s

!!! note This post is a thought. It's a short note that I make about someone else's content online. Learn more about the process here

Here's my thought on 💭 (90) Kubernetes Secrets in 5 Minutes! - YouTube

I am converting my docker compose env secrets over to k8s secrets. This guide was clear and to the point how I can replicate this exact workflow.

First set the secret, the easiest way is to use kubectl wtih --from-literal because it automatically base64 encodes for you.






        
kubectl create secret generic minio-access-key --from-literal=ACCESS_KEY=7FkTV**** -n shot

If you don't use the --from-literal you will have to base64 encode it.






        
echo "7FkTV****" | openssl base64

Once you have your secret deployed, you have to update the container spec in your deployment manifest to get the valueFrom secretKeyRef.






        
    spec:
      containers:
        - env:
            - name: ACCESS_KEY
              valueFrom:
                secretKeyRef:
                  key: ACCESS_KEY
                  name: minio-access-key
            - name: SECRET_KEY
              valueFrom:
                secretKeyRef:
                  key: SECRET_KEY
                  name: minio-secret-key
          image: registry.wayl.one/shot-scraper-api
          name: shot-wayl-one
          ports:
            - containerPort: 5000
              protocol: TCP
          resources: {}
      restartPolicy: Always

This post was a thought by Waylon Walker see all my thoughts at https://waylonwalker.com/thoughts