Include Secrets in K8S Deployment

Posted on by Dom Hernandez Posted in ./cloud

Kubernetes Secrets is a feature in Kubernetes that allows you to store and manage sensitive data, such as passwords, OAuth tokens, and SSH keys. In this blog post, we’ll take a closer look at how Kubernetes Secrets works and how you can use it in your own projects.

One of the main benefits of Kubernetes Secrets is that it allows you to store sensitive data in a secure and encrypted way. When you create a Secret in Kubernetes, the data is stored as base64-encoded strings, which helps to prevent accidental leakage of sensitive information.

Kubernetes Secrets can be used to store a wide range of sensitive data, including:

  • Passwords and API keys
  • SSL/TLS certificates and keys
  • OAuth tokens
  • SSH keys

To use Kubernetes Secrets in your own projects, you’ll need to create a Secret resource and then reference it in your Deployment or Pod configuration. Here’s an example of how you might create a Secret in Kubernetes:

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
data:
  username: YWRtaW4=
  password: MWYyZDFlMmU2N2Rm

In this example, we’re creating a Secret called my-secret that contains two pieces of sensitive data: a username and a password. The data is stored as base64-encoded strings.

To use this Secret in a Deployment, you can simply reference it in the spec.template.spec.containers.env field:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: my-app
  template:
    metadata:
      labels:
        app: my-app
    spec:
      containers:
      - name: my-container
        image: my-image
        env:
        - name: USERNAME
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: username
        - name: PASSWORD
          valueFrom:
            secretKeyRef:
              name: my-secret
              key: password

In this example, we’re using the valueFrom field to reference the username and password data stored in our my-secret Secret. This allows us to use the data in our container without exposing it directly in our Deployment configuration.

Kubernetes Secrets is a powerful and useful feature that allows you to store and manage sensitive data in a secure and encrypted way. By using Kubernetes Secrets, you can ensure that your sensitive data is protected and prevent accidental leakage of sensitive information.

Leave a Reply