Project Secrets can be created to make sure Kubernetes Secrets are automatically created on all the Kubernetes clusters associated with the Project, in the corresponding namespace.
Configure Project Secrets - UI Method
-
Select the workspace your project was created in from the workspace selection dropdown in the header.
-
In the sidebar menu, select Projects.
-
Select the project you want to configure from the table.
-
Select the Secrets tab, and then select the Create Secret button.
-
Complete the form and select the Create button.
Configure Project Secrets - CLI Method
A Project Secret is simply a Kubernetes FederatedConfigSecret and can also be created using kubectl:
cat << EOF | kubectl create -f -
apiVersion: types.kubefed.io/v1beta1
kind: FederatedSecret
metadata:
generateName: secret1-
namespace: ${projectns}
spec:
placement:
clusterSelector: {}
template:
data:
key: dmFsdWU=
EOF
Ensure the projectns
variable is set before executing the command.
projectns=$(kubectl -n ${workspacens} get projects.workspaces.kommander.mesosphere.io -o jsonpath='{.items[?(@.metadata.generateName=="project1-")].status.namespaceRef.name}')
If you run the following command on a Kubernetes cluster associated with the Project, you see a Kubernetes Secret Object, in the corresponding namespace:
kubectl -n ${projectns} get secret secret1-r9vk2 -o yaml
apiVersion: v1
data:
key: dmFsdWU=
kind: Secret
metadata:
creationTimestamp: "2020-06-04T16:51:59Z"
labels:
kubefed.io/managed: "true"
name: secret1-r9vk2
namespace: project1-5ljs9-lhvjl
resourceVersion: "137215"
selfLink: /api/v1/namespaces/project1-5ljs9-lhvjl/secrets/secret1-r9vk2
uid: e5c6fc1d-93e7-47fe-ae1e-f418f8e35d72
type: Opaque