k8s/python: How do I read a secret using the Kubernetes Python client?
Question
I want to do the opposite of this question:
How to create secrets using Kubernetes Python client?
ie:
How do I read an existing secret from a kubernetes cluster via the kubernetes-python API?
The use case is: I want to authenticate to mongodb (running in my cluster) from a jupyter notebook (also running in my cluster) without, for obvious reasons, saving the mongodb auth password inside the jupyter notebook.
Thanks!
2 answers
solution1
12 2019-03-15 09:04:22
- Install Kubernetes client for python
- Now you can pull the secret. For example secret name -
mysql-pass, namespace -default
from kubernetes import client, config
config.load_kube_config()
v1 = client.CoreV1Api()
secret = v1.read_namespaced_secret("mysql-pass", "default")
print(secret)
- If you need to extract decoded password from the secret
from kubernetes import client, config
import base64
import sys
config.load_kube_config()
v1 = client.CoreV1Api()
sec = str(v1.read_namespaced_secret("mysql-pass", "default").data)
pas = base64.b64decode(sec.strip().split()[1].translate(None, '}\''))
print(pas)
Hope this will help.
solution2
2 2020-11-02 16:48:22
If you use kubernetes client api it will give you response as a dict datatype and you might not need to do spiting etc, You can say something like this,
from kubernetes import client, config
import base64
config.load_kube_config()
v1 = client.CoreV1Api()
sec = v1.read_namespaced_secret("default-token-rsbq7", "default").data
cert = base64.b64decode(sec["ca.crt"])
print(cert)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.