K
Q

Retrieve environment secret from AKS kubernetes cluster for deployed ASP.Net core web app

10/16/2018

I've got a web app deployed to AKS and it's generally up and running fine. I am now trying to extend its functionality by adding access to Azure sql.

We are using VSTS/Azure DevOps for deployment.

I've deployed a secret to the cluster using the command:

kubectl secret generic sampleapp-appsettings --from-literal=DBConnectionString="$(var_DBConnectionString)"

I've checked the cluster from the kubernetes dashboard and can see it has been deployed as expected. The secret is a connection string to the database

However, I'm struggling to retrieve the secret from the deployed pods. I've created an environment variable for ASPNETCORE_ENVIRONMENT, with a value for Kubernetes.

Here's part of my deployment yaml:

    spec:
  containers:
  - name: sampleapp-services
    image: sampleapp.azurecr.io/sampleapp-services:latest
    imagePullPolicy: Always          
    env:
    - name: "ASPNETCORE_ENVIRONMENT"
      value: "Kubernetes"
    - name: services-appsettings
      valueFrom:
        secretKeyRef:
          name: services-appsettings
          key: DBConnectionString          
    ports:
    - containerPort: 80

I've added an api endpoint to my app for the purposes of debugging and can see that the ASPNETCORE_ENVIRONMENT value is being pull correctly.

however, the DBConnectionString value isn't being correctly pull from the kubernetes secret. instead it's being retrieved from the appsettings.json file. I've got some code in my app which is just outputting the values:

        [HttpGet("settings")]
    public ActionResult<string> GetAppSettings()
    {
        var message = 
quot;Host: {Environment.MachineName}\n" +
                      
quot;EnvironmentName: {_env.EnvironmentName}\n" +
                      
quot;Secret value: {_dataSettings.ConnectionString}";
        return message;
    }

in my DataSettings class I've got code like this:

 var value = Environment.GetEnvironmentVariable("DBConnectionString");

However, this isn't pulling back the secret value from the kubernetes cluster that I'm expecting.

I've followed some examples, like this - but they don't help.

blog

Has anyone got some simple step by step instructions/samples that might help?

thanks

-- ossentoo
asp.net-core
azure-aks
kubernetes

Similar Questions

Trying to add a node to the kubernetes cluster using kubeadm join is showing an error
Kubernetes SSL AWS ELB setup config map for HTTP to HTTPS Flask
How to control /etc/hosts file from over writing
what happens if the java heap memory limits is different than the pod resource limits in kubernetes?

1 Answer

10/18/2018

The command you have specified to create secret is missing create and creates a secret by name 'sampleapp-appsettings' however in deployment.yaml you have specified 'services-appsettings' instead. I assume the snippets you listed are just for reference and in actual code these values match.

Secondly, environment variable - name: services-appsettings should match to the name you have specified in code. As per your snippets, Environment.GetEnvironmentVariable("DBConnectionString") is having 'DBConnectionString' however your yaml is having 'services-appsettings'

Lastly, I hope in Web API, you are calling .AddEnvironmentVariables() while building config.

-- Atul Verma
Source: StackOverflow