Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.

License

NotificationsYou must be signed in to change notification settings

wantedly/k8nskel

Repository files navigation

Build Status

Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.

Requirements

  • Kubernetes 1.6 or above

Installation

From source

$git clone git@github.com:wantedly/k8nskel.git$cd k8nskel$make deps$make

Docker image

Docker image is available atquay.io/wantedly/k8nskel.

Environment variables

NameDescriptionDefault value
K8NSKEL_ORIGINName of the namespace from which the secret is copied."k8nskel-origin"
K8NSKEL_IGNORE_DESTCSV list of namespaces that does not reflect secrets inK8NSKEL_ORIGIN is added/modified/deleted. It is not reflected inK8NSKEL_ORIGIN by default."kube-public,kube-system"
K8NSKEL_EXCLUDE_SECRETSCSV list of secrets that does not reflect secrets inK8NSKEL_ORIGIN is added/modified/deleted. If this value empty, k8nskell sync all secrets inK8NSKEL_ORIGIN""

Usage

k8nskel copies all secrets inK8NSKEL_ORIGIN namespace to the new namespace.
Also, when secrets inK8NSKEL_ORIGIN is created/modified/deleted, it reflects its secrets to other namespaces than namespace set to K8NSKEL_IGNORE_DEST.

Workflow example

  1. CreateK8NSKEL_ORIGIN namespace.
#e.g.$kubectl create namespace k8nskel-origin
  1. Createk8nskel deployment.
#e.g.$kubectl run --rm -i k8nskel --image=quay.io/wantedly/k8nskel:latest
  1. Create a secret.
#e.g.$kubectl --namespace k8nskel-origin create secret generic secret1 --from-literal=key1=supersecret
  1. Create a new namespace.
#e.g.$kubectl create namespace new-namespace
  1. Get secrets of new namespace. The secret created earlier should be displayed.
#e.g.$kubectl --namespace k8nskel-origin get secret
  1. Add a secret inK8NSKEL_ORIGIN. The same secret should have been added to other namespaces.
#e.g.$kubectl --namespace k8nskel-origin create secret generic secret2 --from-literal=key2=supersecret$kubectl --namespace new-namespace get secret
  1. Modify a secret inK8NSKEL_ORIGIN. The same secret should have been modified in other namespaces.
#e.g.$kubectl --namespace k8nskel-origin edit secret secret2$kubectl --namespace new-namespace describe secret secret2
  1. Delete a secret inK8NSKEL_ORIGIN. The same secret should have been deleted from other namespaces.
#e.g.$kubectl --namespace k8nskel-origin delete secret secret2$kubectl --namespace new-namespace get secret

Manifest sample

  • Namespace manifest sample:
apiVersion:v1kind:Namespacemetadata:name:k8nskel-origin
  • Deployment manifest sample:
apiVersion:extensions/v1beta1kind:Deploymentmetadata:name:k8nskelnamespace:k8nskel-originlabels:name:k8nskelspec:replicas:1template:metadata:name:k8nskellabels:name:k8nskelspec:containers:        -name:k8nskelimage:quay.io/wantedly/k8nskel:latest

About

Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors6

[8]ページ先頭
©2009-2025 Movatter.jp