Manage Secrets in Kubernetes


Question: The Nautilus DevOps team is working to deploy some tools in a Kubernetes cluster. Some of the tools are licence based, so the licence information needs to be stored securely within the Kubernetes cluster. Therefore, the team wants to use Kubernetes secrets to store it. The requirements are detailed below:

We already have a secret key file beta.txt under the /opt location on the jump host. Create a secret named beta; it should contain the password/license number present in the beta.txt file.

Also create a pod named secret-devops.

Configure the pod's spec as follows: the container name should be secret-container-devops, and the image should be ubuntu, preferably with the latest tag (remember to mention the tag with the image). Use the command '/bin/bash', '-c' and 'sleep 10000' for the container. Consume the created secret in a volume named secret-volume-devops. The mount path should be /opt/apps and the mode should be readOnly.

To verify, you can exec into the container secret-container-devops and check the secret key under the mounted path /opt/apps.

Secret type should be generic.

Note: The kubectl utility on jump_host has been configured to work with the Kubernetes cluster.

Please note: Run the commands below according to your own question's server, user name and other details, which might differ. Read the task carefully before executing it. All the best 👍

Solution:  

1. First, create a secret named beta from the file at the given path.

thor@jump_host /$ cat /opt/beta.txt
5ecur3!
thor@jump_host /$
thor@jump_host /$ kubectl create secret generic beta --from-file=/opt/beta.txt
secret/beta created
thor@jump_host /$
thor@jump_host /$ ll /opt
total 4
-rw-r--r-- 1 thor thor 8 Jul  9 12:47 beta.txt
thor@jump_host /$


2. Create a YAML file with all the parameters. Change the values as your task requires.

You can copy it from GitLab: https://gitlab.com/nb-tech-support/devops.git

(Refer to the video below for more clarity.)

thor@jump_host /$ vi /tmp/secret.yml
thor@jump_host /$ cat /tmp/secret.yml
apiVersion: v1
kind: Pod
metadata:
  name: secret-devops
  labels:
    name: myapp
spec:
  volumes:
    - name: secret-volume-devops
      secret:
        secretName: beta
  containers:
    - name: secret-container-devops
      image: ubuntu:latest
      command: ["/bin/bash", "-c", "sleep 10000"]
      volumeMounts:
        - name: secret-volume-devops
          mountPath: /opt/apps
          readOnly: true
thor@jump_host /$

3. Run the command below to create the pod.

thor@jump_host /$ kubectl create -f /tmp/secret.yml
pod/secret-devops created
thor@jump_host /$

4. Wait for the pod to reach Running status.

thor@jump_host /$ kubectl get pods
NAME            READY   STATUS    RESTARTS   AGE
secret-devops   1/1     Running   0          7s
thor@jump_host /$

5. Validate the task by running the command below.

thor@jump_host /$ kubectl exec secret-devops -- cat /opt/apps/beta.txt
5ecur3!
thor@jump_host /$

6. Click on Finish & Confirm to complete the task successfully.
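An added check, not part of the original post: the Python sketch below audits the secret and pod from this walkthrough, using constructed JSON in the shape of kubectl get ... -o json output. It assumes the 8th byte of the 8-byte beta.txt is a trailing newline; the function names are illustrative.

```python
import base64
import json

# Constructed sample in the shape of `kubectl get secret beta -o json`.
# Assumption: the 8-byte /opt/beta.txt is "5ecur3!" plus a trailing newline.
SECRET = json.loads('''{"kind": "Secret", "type": "Opaque",
 "metadata": {"name": "beta"}, "data": {"beta.txt": "NWVjdXIzIQo="}}''')

# Constructed sample: the pod manifest from step 2, expressed as JSON.
POD = json.loads('''{"kind": "Pod", "metadata": {"name": "secret-devops"},
 "spec": {"volumes": [{"name": "secret-volume-devops",
                       "secret": {"secretName": "beta"}}],
  "containers": [{"name": "secret-container-devops", "image": "ubuntu:latest",
    "volumeMounts": [{"name": "secret-volume-devops",
                      "mountPath": "/opt/apps", "readOnly": true}]}]}}''')


def audit_secret(secret):
    """Decode each key: Secret data is base64-encoded, not encrypted.

    Reports only lengths and notes, never the decoded value itself.
    """
    findings = {}
    for key, b64 in secret.get("data", {}).items():
        raw = base64.b64decode(b64)
        notes = []
        if raw != raw.strip():
            notes.append("leading/trailing whitespace stored with value")
        findings[key] = {"length": len(raw), "notes": notes}
    return findings


def audit_pod(pod, secret_name):
    """Check file mode and readOnly flag wherever the pod mounts the secret."""
    issues = []
    spec = pod["spec"]
    vols = {v["name"]: v["secret"] for v in spec.get("volumes", [])
            if v.get("secret", {}).get("secretName") == secret_name}
    for name, src in vols.items():
        mode = src.get("defaultMode", 0o644)  # Kubernetes default when unset
        if mode & 0o077:
            issues.append(f"{name}: file mode {mode:o} readable beyond owner")
    for c in spec.get("containers", []):
        for m in c.get("volumeMounts", []):
            if m["name"] in vols and not m.get("readOnly", False):
                issues.append(f"{c['name']}: {m['mountPath']} not readOnly")
    return issues


if __name__ == "__main__":
    print(audit_secret(SECRET))
    print(audit_pod(POD, "beta"))
```

Setting defaultMode: 0400 under the volume's secret block clears the file-mode finding; the whitespace finding reflects that --from-file stores the file's bytes exactly as they are.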

Happy Learning!!!!

Apart from this, if you need more clarity, I have made a tutorial video on this; please go through it and share your comments. Like and share the knowledge.
