Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kubernetes – An Enterprise Guide

You're reading from   Kubernetes – An Enterprise Guide Master containerized application deployments, integrate enterprise systems, and achieve scalability

Arrow left icon
Product type Paperback
Published in Aug 2024
Publisher Packt
ISBN-13 9781835086957
Length 682 pages
Edition 3rd Edition
Languages
Tools
Arrow right icon
Authors (2):
Arrow left icon
Marc Boorshtein Marc Boorshtein
Author Profile Icon Marc Boorshtein
Marc Boorshtein
Scott Surovich Scott Surovich
Author Profile Icon Scott Surovich
Scott Surovich
Arrow right icon
View More author details
Toc

Table of Contents (22) Chapters Close

Preface 1. Docker and Container Essentials 2. Deploying Kubernetes Using KinD FREE CHAPTER 3. Kubernetes Bootcamp 4. Services, Load Balancing, and Network Policies 5. External DNS and Global Load Balancing 6. Integrating Authentication into Your Cluster 7. RBAC Policies and Auditing 8. Managing Secrets 9. Building Multitenant Clusters with vClusters 10. Deploying a Secured Kubernetes Dashboard 11. Extending Security Using Open Policy Agent 12. Node Security with Gatekeeper 13. KubeArmor Securing Your Runtime 14. Backing Up Workloads 15. Monitoring Clusters and Workloads 16. An Introduction to Istio 17. Building and Deploying Applications on Istio 18. Provisioning a Multitenant Platform 19. Building a Developer Portal 20. Other Books You May Enjoy 21. Index

Integrating Secrets into Your Deployments

So far, this chapter has been focused on how to store and manage secret data. We’ve covered different strategies for managing secrets with their associated risks and benefits. In this section, the focus will be on consuming that secret data in your workloads.

There are four ways that a workload can consume secret data:

  • Volume mounts: Similar to reading a file from a PersistentVolumeClaim, secrets can be mounted to a pod and be accessed as a file. This approach can be used with both external secrets and with Secret objects. This is generally the preferred approach when working with security teams. If a Secret is updated while a pod is running, the volume will eventually get updated, though this can take some time based on your Kubernetes distribution.
  • Environment variables: Secret data can be injected into environment variables and consumed from the workload like any other environment variable. This is often referred...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image