kubernetes-secrets

How to set secret files to kubernetes secrets by yaml?

大兔子大兔子 提交于 2020-06-09 08:37:13
问题 I want to store files in Kubernetes Secrets but I haven't found how to do it using a yaml file. I've been able to make it using the cli with kubectl : kubectl create secret generic some-secret --from-file=secret1.txt=secrets/secret1.txt But when I try something similar in a yaml : apiVersion: v1 kind: Secret metadata: name: some-secret type: Opaque data: secret1.txt: secrets/secret1.txt I´ve got this error: [pos 73]: json: error decoding base64 binary 'assets/elasticsearch.yml': illegal

SSL.keystore.location can't find JKS file in my Kubernetes secrets mount

跟風遠走 提交于 2020-05-17 07:45:39
问题 I have created a secret for my JKS file under volume mount /etc/secrets/keystore. I am accessing my JKS file path as an environment variable where ssl.keystore.location gets resolved as file:///etc/secrets/keystore/ssl.jks. But I get exception from SSL engine builder that modification time of keystore couldn't be found and java.nio.file.NoSuchFile Exception file:/etc/secrets/keystore/ssl.jks 回答1: Remove the file:// . The keystore is opened by the Kafka client, not Spring. Kafka knows nothing

generate dynamic secret name inside kubernetes deployment file

烂漫一生 提交于 2020-05-17 07:03:07
问题 I have 2 secrets i.e. production and staging. I want to dynamically load this secret in deployment file using the environment variable being set in same file env: - name: NODE_ENV value: "production" - name: general-secret secret: secretName: general-production-secret I want to load environment specific secrets like using secretName: general-{{env. NODE_ENV}}-secret Is it possible? 回答1: As far as I know, this is not possible unless you have Helm chart for your applications, then you can make

Import data to config map from kubernetes secret

|▌冷眼眸甩不掉的悲伤 提交于 2020-02-23 09:54:05
问题 I'm using a kubernetes ConfigMap that contains database configurations for an app and there is a secret that has the database password. I need to use this secret in the ConfigMap so when I try to add environment variable in the ConfigMap and specify the value in the pod deployment from the secret I'm not able to connect to mysql with password as the values in the ConfigMap took the exact string of the variable. apiVersion: v1 kind: ConfigMap metadata: name: config data: APP_CONFIG: | port:

Import data to config map from kubernetes secret

前提是你 提交于 2020-02-23 09:52:09
问题 I'm using a kubernetes ConfigMap that contains database configurations for an app and there is a secret that has the database password. I need to use this secret in the ConfigMap so when I try to add environment variable in the ConfigMap and specify the value in the pod deployment from the secret I'm not able to connect to mysql with password as the values in the ConfigMap took the exact string of the variable. apiVersion: v1 kind: ConfigMap metadata: name: config data: APP_CONFIG: | port:

kubernetes secret items not mounted as file path

孤街浪徒 提交于 2020-02-04 17:05:33
问题 I have the following yaml: volumeMounts: - name: app-secret mountPath: /app readOnly: true volumes: - name: app-secret secret: secretName: app-secret items: - key: app-secret.json path: appsettings.secret.json I expect the secret is mounted on /app/appsettings.secret.json but it isn't. I don't know where it is mounted and the container crashes and I don't have a chance to kubectl exec into the container to inspect where the secret is mounted. My guess is that it wipes out the content of /app

kubernetes secret items not mounted as file path

时间秒杀一切 提交于 2020-02-04 17:04:35
问题 I have the following yaml: volumeMounts: - name: app-secret mountPath: /app readOnly: true volumes: - name: app-secret secret: secretName: app-secret items: - key: app-secret.json path: appsettings.secret.json I expect the secret is mounted on /app/appsettings.secret.json but it isn't. I don't know where it is mounted and the container crashes and I don't have a chance to kubectl exec into the container to inspect where the secret is mounted. My guess is that it wipes out the content of /app

Kubernetes: modify a secret using the kubectl?

守給你的承諾、 提交于 2019-12-20 11:10:39
问题 How can I modify the values in a Kubernetes secret using the kubectl ? I created the secret with kubernetes create secret generic , but there does not seem to be a way to modify a secret. For example, to add a new secret-value to it, or to change a secret-value in it. I assume i can go 'low-level', and write the yaml-file and do a kubectl edit but I hope there is a simpler way. (I'm using kubernetes 1.2.x ) 回答1: The most direct (and interactive) way should be to execute kubectl edit secret

Concourse CI can't find kubernetes secrets

此生再无相见时 提交于 2019-12-13 17:34:46
问题 I'm receiving the following error when the runner is trying to retrieve a resource: checking failed - Expected to find variables: git my resource looks similar to: - name: resource-repo type: git source: uri: https://[url] branch: master tag_filter: '*' username: ((git.username)) password: ((git.password)) my values.yaml for the helm chart includes: rbac: create: false credentialManager: kubernetes: namespacePrefix: concourse (regardless, the release name is concourse) under namespace

Intermittent failure creating container on Kubernetes - failing to mount default token

强颜欢笑 提交于 2019-12-11 04:21:20
问题 For the past couple of days we have been experiencing an intermittent deployment failure when deploying (via Helm) to Kubernetes v1.11.2. When it fails, kubectl describe <deployment> usually reports that the container failed to create: Events: Type Reason Age From Message ---- ------ ---- ---- ------- Normal Scheduled 1s default-scheduler Successfully assigned default/pod-fc5c8d4b8-99npr to fh1-node04 Normal Pulling 0s kubelet, fh1-node04 pulling image "docker-registry.internal/pod