ALL CHALLENGES AND TIPS

Rules!

Be fast, avoid creating yaml manually from scratch Use only kubernetes.io/docs for help. Check my solution after you did yours. You probably have a better one!

Notices

This challenge was tested on k8s 1.18. Please let us know should you encounter any issues in the comments

how to be fast with Kubectl ≥ 1.18

Scenario Setup

We have the following file containing environment variables:

CREDENTIAL_001=-bQ(ETLPGE[uT?6C;ed

CREDENTIAL_002=C_;SU@ev7yg.8m6hNqS

CREDENTIAL_003=ZA#$$-Ml6et&4?pKdvy

CREDENTIAL_004=QlIc3$5*+SKsw==9=p{

CREDENTIAL_005=C_2\a{]XD}1#9BpE[k?

CREDENTIAL_006=9*KD8_w<);ozb:ns;JC

CREDENTIAL_007=C[V$Eb5yQ)c~!..{LRT

SETTING_USE_SEC=true

SETTING_ALLOW_ANON=true

SETTING_PREVENT_ADMIN_LOGIN=true

Todays Task: Make all key/values available in a Pod

Create a Secret that contains all environment variables from that file Create a pod of image nginx that makes all Secret entries available as environment variables. For example usable by echo $CREDENTIAL_001 etc…

Solution

# 1 create Secret

use kubectl >= 1.18 alias k=kubectl k create secret -h

k create secret generic -h

k create secret generic my-secret --from-env-file=env_file

This will create a secret yaml like:

apiVersion: v1

data:

CREDENTIAL_001: LWJRKEVUTFBHRVt1VD82QztlZA==

CREDENTIAL_002: Q187U1VAZXY3eWcuOG02aE5xUw==

CREDENTIAL_003: WkEjJCQtTWw2ZXQmND9wS2R2eQ==

CREDENTIAL_004: UWxJYzMkNSorU0tzdz09OT1wew==

CREDENTIAL_005: Q18yXGF7XVhEfTEjOUJwRVtrPw==

CREDENTIAL_006: OSpLRDhfdzwpO296YjpucztKQw==

CREDENTIAL_007: Q1tWJEViNXlRKWN+IS4ue0xSVA==

SETTING_ALLOW_ANON: dHJ1ZQ==

SETTING_PREVENT_ADMIN_LOGIN: dHJ1ZQ==

SETTING_USE_SEC: dHJ1ZQ==

kind: Secret

metadata:

name: my-secret

namespace: default

resourceVersion: "7572"

type: Opaque

# 2 create a pod which creates each secret entry as an env variable

k run nginx --image=nginx -oyaml --dry-run=client > nginx.yaml

The trick here then is to use envFrom instead of using env to use them all:

apiVersion: v1

kind: Pod

metadata:

creationTimestamp: null

labels:

run: nginx

name: nginx

spec:

containers:

- image: nginx

envFrom: # envFrom

- secretRef:

name: my-secret

name: nginx

resources: {}

dnsPolicy: ClusterFirst

restartPolicy: Always

status: {}

Then run and test:

k -f nginx.yaml create k exec nginx -- env

ALL CHALLENGES AND TIPS

More challenges on