Skip to content

Kubernetes - Secrets

Step-01: Introduction

  • Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
  • Storing confidential information in a Secret is safer and more flexible than putting it directly in a Pod definition or in a container image.

Azure Kubernetes Service with Azure DevOps and Terraform

Step-02: Create Secret for MySQL DB Password

# Mac
echo -n 'dbpassword11' | base64

# URL: https://www.base64encode.org

Create Kubernetes Secrets manifest

apiVersion: v1
kind: Secret
metadata:
  name: mysql-db-password
#type: Opaque means that from kubernetes's point of view the contents of this Secret is unstructured.
#It can contain arbitrary key-value pairs. 
type: Opaque
data:
  # Output of echo -n 'Redhat1449' | base64
  db-password: ZGJwYXNzd29yZDEx

Step-03: Update secret in MySQL Deployment for DB Password

          env:
            - name: MYSQL_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: mysql-db-password
                  key: db-password

Step-04: Update secret in UWA Deployment

  • UMS means User Management Microservice
                - name: DB_PASSWORD
                  valueFrom:
                    secretKeyRef:
                      name: mysql-db-password
                      key: db-password
    

Step-05: Create & Test

# Create All Objects
kubectl apply -f kube-manifests/

# List Pods
kubectl get pods

# Get Public IP of Application
kubectl get svc

# Access Application
http://<External-IP-from-get-service-output>
Username: admin101
Password: password101

Step-06: Clean-Up

  • Delete all k8s objects created as part of this section
    # Delete All
    kubectl delete -f kube-manifests/
    
    # List Pods
    kubectl get pods
    
    # Verify sc, pvc, pv
    kubectl get sc,pvc,pv
    

Best Selling Azure Kubernetes Service Course on Udemy

Image

Best Selling AWS EKS Kubernetes Course on Udemy

Image

HashiCorp Certified Terraform Associate - 50 Practical Demos

Image