This workshop has been deprecated and archived. The new Amazon EKS Workshop is now available at www.eksworkshop.com.
Since 1.14, Kubectl supports the management of Kubernetes objects using Kustomize. Kustomize provides resource Generators to create Secrets and ConfigMaps. The Kustomize generators should be specified in a kustomization.yaml file. A Kustomize file for generating a Secret from literal key-value pairs looks as follows:
Run the following set of commands to generate a Secret using Kubectl and Kustomize.
mkdir -p ~/environment/secrets
cd ~/environment/secrets
wget https://eksworkshop.com/beginner/200_secrets/secrets.files/kustomization.yaml
kubectl kustomize . > secret.yaml
The generated Secret with base64 encoded value for username and password keys is as follows:
You can now deploy this Secret to your EKS cluster.
kubectl create namespace octank
kubectl apply -f secret.yaml
You may expose the keys, namely, username and password, in the database-credentials Secret to a Pod as environment variables using a Pod manifest as shown below:
Run the following set of commands to deploy a pod that references the database-credentials Secret created above.
wget https://eksworkshop.com/beginner/200_secrets/secrets.files/pod-variable.yaml
kubectl apply -f pod-variable.yaml
kubectl get pod -n octank
View the output logs from the pod to verfiy that the environment variables DATABASE_USER and DATABASE_PASSWORD have been assigned the expected literal values
kubectl logs pod-variable -n octank
The output should look as follows: