Skip to main content

Create a secret and add it to a Kubernetes pod

Secrets are incredibly crucial. Why? Because we don't want things in plain text. API keys, passwords, connect strings, etc. should all be hidden. Today we're going to see how we can manage k8s secrets.

For my Dev environment, I've simply spun up minikube. You'll need to confirm how to do this for your Operating System.

Let's spin up a simple Nginx pod.

apiVersion: v1
kind: Pod
  name: nginx
  - name: nginx
    image: nginx:latest

The above is a Kubernetes manifest that will spin up a 1 pod of Nginx.

In the same directory that your nginx.yml lives, run kubectl create -f nginx.yml to run your deployment.

Now we can create a new secret by creating a new secret manifest.

apiVersion: v1
kind: Secret
  name: new-secret
type: Opaque
  password: MWYyZDFlMmU2N2Rm

Let's go ahead and run kubectl apply -f secret.yml to create our new secret.

Now that we have a secret created, let's go ahead and look at the contents of the secret. By running kubectl get secret new-secret -o yaml I can see the secret metadata.

Now that we have our secret, we can re-deploy nginx with our secret attached.

apiVersion: v1
kind: Pod
  name: nginx
  - name: nginx
    image: nginx:latest
      - name: service
        mountPath: /root/
    - name: service
        secretName: my-secret

Simply add the secret call in your manifest and let your manifest know which secret you want to use. The volume mounts are to specify where you want your secret to live within your pod.

run kubectl apply -f nginx.yml to create your new pod.

We have now created a new pod and attached a secret! Thanks for reading.


Popular posts from this blog

Run PowerShell code with Ansible on a Windows Host

Ansible is one of the Configuration Manager kings in the game. With it's easy-to-understand syntax and even easier to use modules, Ansible is certainly a go-to when you're picking what Configuration Management you want to use for your organization. Your question may be "but Ansible is typically on Linux and what happens when I'm in a Windows environment?". Luckily I'm here to tell you that Ansible will still work! I was pleasantly surprised with how easy it is to use Ansible on Windows with a little WinRM magic. Let's get started.

Pre-requisites for this post:
1) WinRM set up to connect to your Windows host from Ansible
2) Ansible set up for Windows Remote Management
3) SSH access to the Ansible host
4) Proper firewall rules to allow WinRM (port 5985) access from your Ansible host to your Windows host
5) Hosts file set up in Ansible that has your IP or hostname of your Windows Server.
6) At least one Linux host running Ansible and one Windows Server host …

Running PowerShell commands in a Dockerfile

As Docker continues to grow we are starting to see the containerization engine more and more on Windows. With the need for containers on Windows, we also need the same automation we get in Linux with Dockerfiles. Today we're going to create a Dockerfile that runs PowerShell cmdlets.
Prerequisites; 1. Docker for Windows
2. A code editor (VSCode preferred)

Let's go ahead and get our Dockerfile set up. Below is the Dockerfile I used for this post.

from MAINTAINER Michael Levan RUN powershell -Command Install-WindowsFeature -Name Web-Server RUN powershell -Command New-Item -Type File -Path C:\ -Name config
As you can see from the above, this is a tiny Dockerfile. What this will do is install the IIS Windows 

Feature and create a new file in C:\ called "config".
You should see something very similar to the below screenshot;

Next let's create a running container out of our image. First we'll need to run docker container ls to

 get o…

DevOps tooling in the Microsoft realm

When I really started to dive into automation and practicing DevOps with specific tooling, there were a few key players. At the time Microsoft was not one of them. They were just starting to embrace the open source world, including the art and practice of DevOps. Since then Microsoft has went all in and the tech giant has made some incredible tooling. Recently I switched to a Microsoft-heavy environment and I love it. I went from AWS/Python/Ansible/Jenkins to Azure/PowerShell/ARM/Azure DevOps. My first programming language was PowerShell so being back in the saddle allowed me to do a full circle between all of the different types of tooling in both worlds. Today I want to share some of that tooling with you.

The first thing I want to talk about is ARM. What is ARM? ARM is a configuration management tool that allows you to perform software-defined-infrastructure. Much like Ansible and Terraform, ARM allows you to define what you want your environment to look like at scale. With ARM, yo…