Kubeseal: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
Line 8: Line 8:
=Installation=
=Installation=
==Server==
==Server==
<font color=darkkhaki>NOT TESTED</font>
<syntaxhighlight lang='bash'>
<syntaxhighlight lang='bash'>
helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets
helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets
helm install -n kube-system sealed-secrets sealed-secrets/sealed-secrets
</syntaxhighlight>
</syntaxhighlight>
==Client==
==Client==
<syntaxhighlight lang='bash'>
<syntaxhighlight lang='bash'>
brew install kubeseal
brew install kubeseal
</syntaxhighlight>
</syntaxhighlight>

Latest revision as of 01:57, 22 February 2022

External

Internal

Overview

kubeseal encrypts a secret into a sealed secret, which is safe to store - even to a public repository. The sealed secret can be decrypted only by the controller running in the target cluster and nobody else (not even the original author) is able to obtain the original secret from the sealed secret.

Installation

Server

NOT TESTED

helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets
helm install -n kube-system sealed-secrets sealed-secrets/sealed-secrets

Client

brew install kubeseal