k8s-lab/k3s/rpi/kube-system/sealed-secrets/instructions.txt

# Helm install:
# Register the upstream chart repository and refresh the local chart index.
helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets
helm repo update
# fullnameOverride names the controller "sealed-secrets-controller", the same name
# the kubeseal commands further down pass with --controller-name.
# NOTE(review): no --version is given, so this installs whichever chart version
# the repo serves at install time; pin it if the cluster must be reproducible.
helm install sealed-secrets sealed-secrets/sealed-secrets \
  --namespace kube-system \
  --set-string fullnameOverride=sealed-secrets-controller
# List the kube-system resources to check that the controller came up.
kubectl get all --namespace kube-system
# Extras:
- install kubeseal utility
https://github.com/bitnami-labs/sealed-secrets#installation-from-source
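# kubeseal 0.20.1 for x86-64 (linux-amd64 asset)
wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.20.1/kubeseal-0.20.1-linux-amd64.tar.gz
# The binary is installed as root below, so check the archive first: print its
# SHA-256 and compare it with the checksum listed for this asset on the v0.20.1
# release page. Stop here if the two values differ.
sha256sum kubeseal-0.20.1-linux-amd64.tar.gz
# Extract only the kubeseal binary from the archive, then install it system-wide.
tar -xvzf kubeseal-0.20.1-linux-amd64.tar.gz kubeseal
sudo install -m 755 kubeseal /usr/local/bin/kubeseal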
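# kubeseal 0.20.1 for ARM (linux-arm asset)
# NOTE(review): this section was labelled ARM64, but the asset downloaded here is
# the "linux-arm" build. Check `uname -m` on the node: if it prints aarch64,
# confirm whether the release's arm64 asset is the one you want instead.
wget https://github.com/bitnami-labs/sealed-secrets/releases/download/v0.20.1/kubeseal-0.20.1-linux-arm.tar.gz
# The binary is installed as root below, so check the archive first: print its
# SHA-256 and compare it with the checksum listed for this asset on the v0.20.1
# release page. Stop here if the two values differ.
sha256sum kubeseal-0.20.1-linux-arm.tar.gz
# Extract only the kubeseal binary from the archive, then install it system-wide.
tar -xvzf kubeseal-0.20.1-linux-arm.tar.gz kubeseal
sudo install -m 755 kubeseal /usr/local/bin/kubeseal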
- create a secret from CLI and seal it
# Render a Secret manifest locally (--dry-run=client creates nothing in the
# cluster) and pipe it to kubeseal, which writes the encrypted SealedSecret
# to mysealedsecret.yaml.
# foo=bar is sample data: a real value passed with --from-literal ends up in shell
# history and the process list, so feed real values with --from-file instead.
# NOTE(review): no namespace is set here; by default a SealedSecret is bound to
# the secret's name and namespace, so set the target namespace before sealing.
kubectl create secret generic secret-name --from-literal=foo=bar --dry-run=client --output yaml |
  kubeseal \
    --controller-namespace=kube-system \
    --controller-name=sealed-secrets-controller \
    --format yaml >mysealedsecret.yaml
- save the encryption certificate locally and use it to create sealed secrets
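# Fetch the controller's public sealing certificate. The controller is named
# explicitly, as in the other kubeseal commands in this file.
# mycert.pem can only encrypt, so it is safe to store next to the manifests.
# The controller renews its sealing key periodically (every 30 days by default),
# so re-fetch the certificate from time to time.
kubeseal --fetch-cert \
  --controller-name=sealed-secrets-controller \
  --controller-namespace=kube-system >mycert.pem
# Seal offline with the saved certificate. mysecret.yaml is read by redirection
# rather than through cat. It is expected to be a plain Secret manifest, whose
# values are only base64-encoded: keep it out of version control and delete it
# once mysealedsecret.yaml has been written.
kubeseal --cert mycert.pem \
  --controller-name=sealed-secrets-controller \
  --controller-namespace=kube-system \
  --format yaml <mysecret.yaml >mysealedsecret.yaml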