Improving Secret Management in K8s with ESO
Ойын-сауық
Managing secrets in Kubernetes can be a challenge. One of the optimal approaches to storing and making use of sensitive data in your clusters is to incorporate the use of external centralized secrets managers. Centralized secrets managers usually offer encryption of data at rest and expose an API for lifecycle management operations of your secrets. So how do you integrate secrets from external providers and securely expose them in your cluster? In this episode, I'll be joined by Emin Alemdar who will walk through the External Secrets Operator (ESO) and some good practices for managing secrets in Kubernetes. We'll have a live demo and dedicate some time to questions and answers. Be sure to tune in live!
Пікірлер: 3
Great timing, I’m currently doing POC for ESO to pull secrets from store parameter and create k8s secrets in new namespaces before apps consume them. Hopefully can get rid of reloader or secrets syncs between namespaces
great example. I tried to use the csi driver option and it didn't work. This one works and i've got a terraform template to manage the SAs
Will that secret stored again in etcd?