K
Q

Reading Kube Secrets from Java Program

9/15/2021

I'm working on a library to read secrets from a given directory that I've got easily up and running with Docker Swarm by using the /run/secrets directory as the defined place to read secrets from. I'd like to do the same for a Kubernetes deployment but looking online I see many guides that advise using various Kubernetes APIs and libraries. Is it possible to simply read from disk as it is with Docker Swarm? If so, what is the directory that these are stored in?

-- wyt
java
kubernetes
kubernetes-secrets

Similar Questions

Kubernetes gives an internal source IP although externalTrafficPolicy is set to Local
openshift - hostpath permission error but container not running
Kubernetes with logrotate sidecar mount point issue
Do we have StorageClass creation function in pykube?
Is Kubernetes/GKE default health probe defined in terms of the backing service at create time?

1 Answer

9/15/2021

Please read the documentation

I see 2 practical ways to access the k8s secrets:

  1. Mount the secret as a file
apiVersion: v1
kind: Pod
metadata:
  name: mypod
spec:
  containers:
  - name: mypod
    image: redis
    volumeMounts:
    - name: foo
      mountPath: "/etc/foo"
      readOnly: true
  volumes:
  - name: foo
    secret:
      secretName: mysecret
  1. Expose the secret as an environmental variable
apiVersion: v1
kind: Pod
metadata:
  name: secret-env-pod
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: SECRET_USERNAME
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: username
      - name: SECRET_PASSWORD
        valueFrom:
          secretKeyRef:
            name: mysecret
            key: password
-- gusto2
Source: StackOverflow