How to set up a GKE cluster whose pods have to communicate with Cloud SQL, with the Cloud SQL password stored in Google Cloud Secret Manager

I am trying to set up Google Kubernetes Engine, and its pods have to communicate with a Cloud SQL database. The Cloud SQL database credentials are stored in Google Cloud Secret Manager. How will the pods fetch the credentials from Secret Manager, and if the Secret Manager credentials are updated, how will the pod get the new secret?

How do I set up the above requirement? Can someone please help with this?

Thanks, Anand

You can make your deployed application get the secret (password) programmatically from Google Cloud Secret Manager. You can find an example in many languages at the following link: https://cloud.google.com/secret-manager/docs/samples/secretmanager-access-secret-version

But before that, make sure that your GKE setup, more specifically your application, is able to authenticate to Google Cloud Secret Manager. The following links can help you choose the appropriate approach:

You can find information regarding that particular solution in this doc.
There are also good examples on Medium here and here.

To answer your question regarding updating the secrets:
Usually secrets are pulled when the container is being created, but if you expect the credentials to change often (or for the pods to stick around for very long) you can adjust the code to update the secrets on every execution.
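
One way to apply the refresh advice above without calling Secret Manager on every query, as an added example that is not part of the original answer: cache the `latest` version for a short time and re-read it on expiry or after a database authentication failure. The `RotatingSecret` class, the 300-second TTL and the resource name are assumptions made for illustration, and the pod is assumed to already authenticate to Secret Manager.

```python
import time


def fetch_from_secret_manager(name: str) -> str:
    """Read one secret version with the official google-cloud-secret-manager client."""
    # Imported lazily so the caching logic can be exercised without the library.
    from google.cloud import secretmanager
    client = secretmanager.SecretManagerServiceClient()
    response = client.access_secret_version(request={"name": name})
    return response.payload.data.decode("UTF-8")


class RotatingSecret:
    """Caches a secret for `ttl` seconds, then re-reads it so rotations are picked up."""

    def __init__(self, name, fetch=fetch_from_secret_manager, ttl=300.0,
                 clock=time.monotonic):
        self._name, self._fetch, self._ttl, self._clock = name, fetch, ttl, clock
        self._value = None
        self._expires = 0.0

    def get(self) -> str:
        now = self._clock()
        if self._value is None or now >= self._expires:
            try:
                self._value = self._fetch(self._name)
                self._expires = now + self._ttl
            except Exception:
                # Secret Manager unreachable: keep the last good value and
                # retry on the next call. With no value at all, fail loudly.
                if self._value is None:
                    raise
        return self._value  # never log this value

    def invalidate(self) -> None:
        """Call after a Cloud SQL authentication failure to force a re-read."""
        self._expires = 0.0


if __name__ == "__main__":
    # Constructed resource name (placeholder project and secret id).
    password = RotatingSecret(
        "projects/my-project/secrets/cloudsql-password/versions/latest")
    print("password loaded:", bool(password.get()))
```

Call `get()` each time a new database connection is opened rather than storing the result in a module-level variable, so a rotated password is used within one TTL.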