How to copy Kubernetes secrets between namespaces

To
You can download this article in PDF format via the link below to support us.

Download the guide in PDF format

turn off
To

To
To

How to copy Kubernetes secrets from one namespace to another? The secret is a Kubernetes object that stores sensitive data such as passwords, tokens or keys. Such information may be placed in Pod specifications or images in other ways, but to be shared between Pods and services, it is best done as a Kubernetes object. Kubernetes cluster users can create secrets, and the system can also create some secrets.

In this guide, if you use OpenShift, we will copy a key that has been created in a namespace or project and apply it to other namespaces. This usually applies to secrets such as registry secrets, shared git credentials, SSL certificates and keys, shared API credentials, etc. We will create a test secret and show you how to copy it from one project to another.

The secret of creating Kubernetes

We will create a secret using the username and password in the file.

echo -n 'admin' > ./username.txt
echo -n 'Password' > ./password.txt

Run the kubectl create secret command to package these files as secrets and create objects on the API server.

$ kubectl create secret generic my-user-pass --from-file=./username.txt --from-file=./password.txt
secret/my-user-pass created

The name of the confidential object must be a valid DNS subdomain.

List secrets:

$ kubectl get secrets

Copy Kubernetes secrets between namespaces

Use the following command syntax to copy secrets from one namespace to another.

kubectl get secret  
  --namespace= 
  --export -o yaml | 
  kubectl apply --namespace= -f -

In my example, I will run:

kubectl get secret my-user-pass 
  --namespace=namespace1 
  --export -o yaml | 
  kubectl apply --namespace=namespace2 -f -

Command execution output:

secret/my-user-pass created

Confirm the secret creation in the namespace.

$ kubectl get secret -n namespace2 my-user-pass
NAME         TYPE   DATA AGE
my-user-pass Opaque 2    38s

Decrypt the secret to confirm that the data is correct:

secret_name="my-user-pass"
namespace="namespace2"
kubectl get secret -n $namespace $secret_name -o go-template='{{range $k,$v := .data}}{{printf "%s: " $k}}{{if not $v}}{{$v}}{{else}}{{$v | base64decode}}{{end}}{{"n"}}{{end}}'

Command output:

password.txt: Password
username.txt: admin

if you have q You can use the following command to decrypt.

$ kubectl get secret my-user-pass -o json | jq '.data | map_values(@base64d)'
{
  "password.txt": "Password",
  "username.txt": "admin"

}

This makes it easy to copy keys between the namespaces in Kubernetes and OpenShift Cluster.

Kubernetes learning video:


Kubernetes for absolute beginners-hands-on

★★★★★
(16220)

$ 11.91

$ 160.72

In stock

Buy now

How to copy Kubernetes secrets between namespacesUdemy.com


Certified Kubernetes Administrator (CKA) and practice test

Certified Kubernetes Administrator (CKA) and practice test

★★★★★
(13975)

$ 11.91

$ 160.72

In stock

Buy now

How to copy Kubernetes secrets between namespacesUdemy.com


Kubernetes Certified Application Developer (CKAD) and testing

Kubernetes Certified Application Developer (CKAD) with testing capabilities

★★★★★
(6578)

$ 11.91

$ 160.72

In stock

Buy now

How to copy Kubernetes secrets between namespacesUdemy.com

Use horizontal Pod autoscaler on Kubernetes EKS cluster

How to force delete the Kubernetes namespace

How to use Kompose to migrate Docker Compose applications to Kubernetes

To
You can download this article in PDF format via the link below to support us.

Download the guide in PDF format

turn off
To

To
To

Sidebar