Это видео недоступно.
Сожалеем об этом.
Sealed Secrets: Safeguarding Your Kubernetes Secrets | Step By Step Tutorial | KodeKloud
HTML-код
- Опубликовано: 15 авг 2024
- 🆓Join our Slack Community for FREE: kode.wiki/Join...
🚀Kubernetes Learning Path: bit.ly/Kuberne...
Join Sanjeev from KodeKloud in this informative video as we delve into the world of Sealed Secrets, a powerful tool for managing secrets securely in Kubernetes. Discover why Sealed Secrets was created to address security challenges in DevOps environments. Learn about its key components and how it encrypts secrets, making them safe for public repositories. Follow along with a step-by-step demonstration to get started with Sealed Secrets in your Kubernetes cluster. Protect your sensitive data with confidence!
⬇️Here are the topics we will discuss in this video:
00:00 - Introduction
00:36 - Why do we need Sealed Secrets?
02:01 - Sealed Secrets and its Components
03:00 - How does Sealed Secrets Work
05:28 - Deploy the Sealed Secrets Operator
06:47 - Installation of Kubeseal CLI
07:16 - Establishing Connection between Kubeseal and Kubernetes Cluster
08:53 - Creating Kubernetes Secret
10:00 - Encrypting Secret
11:14 - Applying Sealed Secret in Kubernetes Cluster
13:00 - Conclusion
✅Start your Cloud Computing Career Now - kode.wiki/Clou...
We have various Learning Paths to help you choose your next step and shape your DevOps & Cloud Career.
Check out our learning paths at KodeKloud to get started:
▶️ Cloud: kode.wiki/Clou...
▶️ Linux: bit.ly/LinuxLe...
▶️ Kubernetes: bit.ly/Kuberne...
▶️ DevOps Learning Path: bit.ly/DevOpsL...
▶️ Docker: bit.ly/DockerL...
▶️ Infrastructure as Code(IAC): bit.ly/IACLear...
▶️ Programming: bit.ly/Program...
#sealedsecrets #kubernetes #kubernetescluster #kubeseal #terraform #kodekloud
For more updates on courses and tips, follow us on:
🌐 Website: kodekloud.com/
🌐 LinkedIn: / kode. .
🌐 Twitter: / kodekloudhq
🌐 Facebook: / kodekloudhq
🌐 Instagram: / kodekloud
🌐 Blog: kodekloud.com/...
Is something like this going to be part of core K8S? Seems like a fundamental feature that you shouldn't have to rely on a third party CRD for.
Excellent Tutorial! :-)
Thanks a lot!
if someone get access to k8s cluster and decoding the secret?
If someone gains access to a Kubernetes cluster and can decode a secret, it's a serious security risk. Kubernetes secrets are base64-encoded but not encrypted, meaning anyone with access can decode them. A compromised secret could lead to unauthorized access or data breaches. Immediate action includes rotating the compromised secret and updating applications using it. Investigate the breach and implement security best practices such as access control, network policies, and regular monitoring. Consider secret management solutions or encryption tools to enhance security. Security in Kubernetes should be a top priority to minimize risks and respond effectively to breaches.
Do you see any scenarios when sealed secret operator will not be in situation to decrypt encrypted password and create correct secrete in Kubernetes cluster? Is there any way to store certificates generated by operator somewhere outside the cluster? I guess, if we redeploy the operator it will create new certificate pair.
How would sealed-secrets be used with Terraform?
Imperative and declarative way
Keep learning with us & stay connected .
good stuff.
Glad you enjoyed it
Such great instructor!!
Hello thank you for watching our video .We are glad that we could help you in your learning !
If one need to deploy the app in a different cluster, the operator public and private key will change, and the sealedsecret stored in git repo will be unusable
What about credentials rotation? This is mentioned on the website but no details provided
Hey, please refer to github.com/bitnami-labs/sealed-secrets#secret-rotation
Is this solution applicable to Openshift too?
Yes. Sealed Secrets can be used with OpenShift to securely manage and store sensitive data, just as it can be used with a standard Kubernetes cluster. However, make sure to consider OpenShift's specific security features and requirements when implementing it in your OpenShift environment.
awesome
Thanks a lot!
I had paid money but my subscription in un-action please fix the issue
We apologise for the issue, could you please email us the concern at support@kodekloud.com and we will investigate it.