Skip to content

lrotermund/deployments

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
cert-manager/base
cert-manager/base
 
 
cluster
cluster
 
 
tools
tools
 
 
README.md
README.md
 
 
kustomization.yaml
kustomization.yaml
 
 

Repository files navigation

K8S practice cluster

Seal a secret

The following steps describe, how to generate a sealed secret: kubectl-commands > secret generic

  1. Generate the source secret file

    • From raw data
    kubectl create secret generic my-secret --dry-run=client --from-literal=name=secretname --from-literal=password=topsecret -o yaml > my-secret.yaml
    • From a file:
    kubectl create secret generic my-secret --dry-run=client --from-file=mysecret=path/to/mysecret -o yaml > my-secret.yaml

  2. Seal the previously generated secret file

kubeseal --format yaml < my-secret.yaml > my-sealedsecret.yaml
  1. Cleanup

Remove the raw secret carefully so that it is not versioned by git. Last but not least add the sealed secret to git.

Force http to https redirect with traefik

Add the following ingress annotation to enable http to https redirects:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myingress
  namespace: mynamespace
  annotations:
    traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd

About

k8s provisioning

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published