K
Q

How to inject secret value to Kubernetes crd?

10/12/2020

I want to inject secret values to Kubernetes crd. For example, suppose I have Jaeger crd yaml file, and as the Elasticsearch server-url, password are secret values, I want them to be injected using Vault. When using Deployment, I can inject the secrets using Vault secret, by first creating secrets and loading them from envs in container. However, as crd cannot be done that way, I don't know how to inject the values from outside securely in code. Any ideas?

apiVersion: jaegertracing.io/v1
kind: Jaeger
metadata:
  name: jaeger
spec:
  strategy: production
  collector:
    maxReplicas: {{ .Values.collector.maxReplicas }}
    resources:
{{ toYaml .Values.resources | indent 14 }}
  storage:
    type: elasticsearch
    options:
      es:
        server-urls: {{ .Values.storage.es.server_urls }}
        index-prefix: {{ .Values.storage.es.index_prefix }}
        username: {{ .Values.storage.es.username }}
        password: {{ .Values.storage.es.password }}
-- Piljae Chae
hashicorp-vault
kubernetes
kubernetes-secrets

Similar Questions

kubectl terminal command not working from crontab , how to fix?
how to remove kubernetes with all it's dependencies Centos 7
(1045, "Access denied for user 'root'@'cloudsqlproxy~[cloudsql instance ip]' (using password: NO)")
Load balancing in Spring boot micro services hosted on Kubernetes
Kubernetes - set env var using the value of one of the auto generated service env vars

0 Answers