Mounting entire volumes as secrets in kubernetes

6/26/2020

I am running locally a container as follows:

docker run --rm \
  --name=my-container \
  --net=host \
  -v $(pwd)/producer.properties:/etc/replicator/producer.properties \
  -v $(pwd)/consumer.properties:/etc/replicator/consumer.properties \
  -v $(pwd)/service-keystore.jks:/etc/replicator/destination.keystore.jks \
  -v $(pwd)/service-truststore.jks:/etc/replicator/destination.truststore.jks \
  repo/image

The problem is that all files mounted as volumes contain sensitive data.

I am trying to port the above to kubernetes

How can I mount the files, and treat them as secrets at the same time?

-- pkaramol
kubernetes
kubernetes-secrets

1 Answer

6/26/2020

Create a secret resource from the files with name secretname(example) and mount the secret into the container directly as below

spec:
  volumes:
  - name: secret-volume
    secret:
      secretName: secretname
  containers:
  - name: containername
    image: imagename
    volumeMounts:
    - name: secret-volume
      readOnly: true
      mountPath: "/etc/secret-volume"
-- Arghya Sadhu
Source: StackOverflow