secrets

Introduction to sealed secrets in Kubernetes

Reading Time: 4 minutes In this blog we will learn about secrets management in Kubernetes. This will be a descriptive blog and it will be followed by a practical implementation of sealed secrets in the upcoming blog. We will know how sealed secrets will help us follow the Gitops approach where secret manifests can be safely stored in a GitHub repository post encryption. What is Kubernetes? Kubernetes is an Continue Reading

European handicapped girl in vr glasses on sofa at home. Healing technology, robotic limb.

Using sealed secrets in Kubernetes

Reading Time: 3 minutes This is a practical implementation of the previous blog: Introduction to Sealed Secrets in Kubernetes.In this blog, we will create secrets in Kubernetes with the help of sealed secrets. Pre-requisites: Install kubeseal Kubeseal is a CLI tool that seals a secret with the help of the controller’s public key and creates a CRD for the sealed secret. wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.19.2/kubeseal-0.19.2-linux-amd64.tar.gz tar -xvzf kubeseal-0.19.2-linux-amd64.tar.gz install -m 755 Continue Reading

Computer code on screens

How to Encrypt Kubernetes Secrets with Sealed Secrets?

Reading Time: 5 minutes Why Sealed Secrets? As we know, Secrets in Kubernetes are used to store sensitive data, like password, keys, certificates and token. Secrets are encoded in base64 and automatically decoded when they are attached and read by a Pod. A secret in Kubernetes cluster is encoded in base64 but not encrypted! These data are “only” encoded so if a user has access to your secrets, he can simply execute Continue Reading