将 Vault Secret 注入 K8s configmap
[英]Inject vault secret into K8s configmap
问题描述
I have deployed vault in K8s .
我已经在 K8s 中部署了保管库。 I would like to know how to inject the vault secret in the configmap of a application which has all the configuration of the application.我想知道如何在具有应用程序所有配置的应用程序的配置映射中注入保险库秘密。
1 个解决方案
解决方案1
1 2022-05-18 07:39:03
It's not possible you can not mount the vault secret into config map.您不可能无法将保管库机密安装到配置映射中。 But you can parallelly inject both configmap and vault secret to single deployment.但是您可以将configmap和vault secret并行注入到单个部署中。
- If you are mounting configmap as the file you can mount vault secret as file into same directory or another directory.如果您将 configmap 作为文件挂载,您可以将 Vault Secret 作为文件挂载到同一目录或另一个目录中。
- If injecting configmap as an environment variable you can also do the same with vault secret.如果将 configmap 作为环境变量注入,您也可以对 Vault Secret 执行相同操作。
If you are injecting the configmap as environment variable i would suggest checking out the : https://github.com/DaspawnW/vault-crd如果您将configmap作为环境变量注入,我建议您查看: https ://github.com/DaspawnW/vault-crd
vault-crd sync the vault secret to Kubernetes secret and you can easily inject Kubernetes secret to deployment. vault-crd将Vault Secret 同步到Kubernetes Secret ,您可以轻松地将Kubernetes Secret注入到部署中。 Although it's not good considering the security perspective.尽管从安全角度考虑这并不好。
There are many different method you can inject vault secret into deployment.有许多不同的方法可以将 Vault Secret 注入到部署中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.