Add K8s Secrets to All Environments
Oftentimes, organizations would like to add resource credentials or other sensitive information to each Velocity Environment as Kubernetes Secrets upon Environment creation. This guide will walk you through the process of adding K8s Secrets as default elements in Velocity Environments.
You can create K8s Secrets in this same
velocity
namespace once, and then add them to all Velocity Environments upon creation. Kubed is a daemon that runs in your cluster that will allow you to replicate K8s Secrets across Velocity Environments. To install it in your cluster, run the following:
helm repo add appscode https://charts.appscode.com/stable/
helm repo update
helm install kubed appscode/kubed -n kube-system
After installing the Velocity Operator, run the following to create a sample K8s Secret in the resulting "velocity" namespace:
# example-secret.yaml
---
apiVersion: v1
kind: Secret
metadata:
name: test-secret
annotations:
# This annotation will add this Secret to all newly created namespaces:
kubed.appscode.com/sync: "microprod.velocity.tech/type=environment"
data:
username: bXktYXBw
password: Mzk1MjgkdmRnN0pi
Run the following command to apply the above manifest and create a K8s Secret that will be available in all Velocity Environments:
kubectl apply -f https://raw.githubusercontent.com/techvelocity/velocity-blueprints/main/examples/env-secrets-example/example-secret.yaml -n velocity
Finally, run the following to create a sample Velocity Environment that contains the above K8s Secret:
veloctl env create -f https://raw.githubusercontent.com/techvelocity/velocity-blueprints/main/examples/env-secrets-example/example-deployment.yaml
Last modified 3mo ago