K
Q

k8s/python: How do I read a secret using the Kubernetes Python client?

3/14/2019

I want to do the opposite of this question:

How to create secrets using Kubernetes Python client?

i.e.:

How do I read an existing secret from a kubernetes cluster via the kubernetes-python API?

The use case is: I want to authenticate to mongodb (running in my cluster) from a jupyter notebook (also running in my cluster) without, for obvious reasons, saving the mongodb auth password inside the jupyter notebook.

Thanks!

-- jtlz2
jupyter-notebook
kubernetes
mongodb
python

Similar Questions

Got certificaes tls.crt and tls.key, but browser still raise connection is not private
Istio policy not authenticating JWT
How to configure kubernetes_sd_configs to discover services in a different cluster
How can I integrate my application with Kubernetes cluster running Docker containers?

1 Answer

3/15/2019
  1. Install Kubernetes client for python

  2. Now you can pull the secret. For example secret name - mysql-pass, namesapce - default

    from kubernetes import client, config config.load_kube_config() v1 = client.CoreV1Api() secret = v1.read_namespaced_secret("mysql-pass", "default") print(secret)

  3. If you need to extract decoded password from the secret

    from kubernetes import client, config import base64 import sys config.load_kube_config() v1 = client.CoreV1Api() sec = str(v1.read_namespaced_secret("mysql-pass", "default").data) pas = base64.b64decode(sec.strip().split()[1].translate(None, '}\'')) print(pas)

Hope this will help.

-- A_Suh
Source: StackOverflow