Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag United Kingdom
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag Argentina
Country selected
country flag Austria
Country selected
country flag Belgium
Country selected
country flag Bulgaria
Country selected
country flag Chile
Country selected
country flag Colombia
Country selected
country flag Cyprus
Country selected
country flag Czechia
Country selected
country flag Denmark
Country selected
country flag Ecuador
Country selected
country flag Egypt
Country selected
country flag Estonia
Country selected
country flag Finland
Country selected
country flag Greece
Country selected
country flag Hungary
Country selected
country flag Indonesia
Country selected
country flag Ireland
Country selected
country flag Italy
Country selected
country flag Japan
Country selected
country flag Latvia
Country selected
country flag Lithuania
Country selected
country flag Luxembourg
Country selected
country flag Malaysia
Country selected
country flag Malta
Country selected
country flag Mexico
Country selected
country flag Netherlands
Country selected
country flag New Zealand
Country selected
country flag Norway
Country selected
country flag Philippines
Country selected
country flag Poland
Country selected
country flag Portugal
Country selected
country flag Romania
Country selected
country flag Singapore
Country selected
country flag Slovakia
Country selected
country flag Slovenia
Country selected
country flag South Africa
Country selected
country flag South Korea
Country selected
country flag Sweden
Country selected
country flag Switzerland
Country selected
country flag Taiwan
Country selected
country flag Thailand
Country selected
country flag Turkey
Country selected
country flag Ukraine
Country selected
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Kubernetes Secrets Handbook

You're reading from   Kubernetes Secrets Handbook Design, implement, and maintain production-grade Kubernetes Secrets management solutions

Arrow left icon
Product type Paperback
Published in Jan 2024
Publisher
ISBN-13 9781805123224
Length 294 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Authors (3):
Arrow left icon
Chen Xi Chen Xi
Author Profile Icon Chen Xi
Chen Xi
LinkedIn
Chen Xi is a highly skilled Uber Platform Engineer. As a Tech Leader, he contributed to the Secret and Key Management Platform service, leading and delivering secrets as a service with a 99.99% SLA for thousands of Uber container services across hybrid environments. His cloud infrastructure prowess is evident from his work on Google Kubernetes Engine (GKE) and the integration of Spire-based PKI systems. Prior to joining Uber, he worked at VMware, where he developed microservices for VMware's Hybrid Kubernetes management platform (Tanzu Mission Control) and VMware Kubernetes Engine for multi-cloud (Cloud PKS). Chen is also a contributing author to the Certified Kubernetes Security Specialist (CKS) exam.
Read more
See other products by Chen Xi
Emmanouil Gkatziouras Emmanouil Gkatziouras
Author Profile Icon Emmanouil Gkatziouras
Emmanouil Gkatziouras
LinkedIn
Emmanouil Gkatziouras started his career in software as a Java developer. Since 2015, he has worked daily with cloud providers such as GCP, AWS and Azure, and container orchestration tools such as Kubernetes. He has fulfilled many roles, either in lead positions or as an individual contributor. He enjoys being a versatile engineer and collaborating with development, platform, and architecture teams. He loves to give back to the developer community by contributing to open-source projects and by blogging on various software topics. He is committed to continuous learning and is a holder of certifications such as CKA, CCDAK, PSM, CKAD, and PSO. He is the author of ‘A Developer’s Essential Guide to Docker Compose'.
Read more
See other products by Emmanouil Gkatziouras
Rom Adams Rom Adams
Author Profile Icon Rom Adams
Rom Adams
LinkedIn
Rom Adams (né Romuald Vandepoel) is an open-source and C-Suite advisor with 20 years of experience in the IT industry. He is a cloud-native expert who helps organizations to modernize and transform with open-source solutions. He is advising companies and lawmakers on their open- and inner-source strategies. Previously, a Principal Architect at Ondat, a cloud-native storage company acquired by Akamai, where he designed products and hybrid cloud solutions and held roles at Tyco, NetApp, and Red Hat becoming a subject matter expert in hybrid cloud. He was moderator and speaker for several events, sharing his insights on culture, process, technology adoption, and passion about open innovation.
Read more
See other products by Rom Adams
Arrow right icon
View More author details
Toc

Table of Contents (20) Chapters Close

Preface 1. Part 1:Introduction to Kubernetes Secrets Management FREE CHAPTER
2. Chapter 1: Understanding Kubernetes Secrets Management 3. Chapter 2: Walking through Kubernetes Secrets Management Concepts 4. Chapter 3: Encrypting Secrets the Kubernetes-Native Way 5. Chapter 4: Debugging and Troubleshooting Kubernetes Secrets 6. Part 2: Advanced Topics – Kubernetes Secrets in a Production Environment
7. Chapter 5: Security, Auditing, and Compliance 8. Chapter 6: Disaster Recovery and Backups 9. Chapter 7: Challenges and Risks in Managing Secrets 10. Part 3: Kubernetes Secrets Providers
11. Chapter 8: Exploring Cloud Secret Store on AWS 12. Chapter 9: Exploring Cloud Secret Store on Azure 13. Chapter 10: Exploring Cloud Secret Store on GCP 14. Chapter 11: Exploring External Secret Stores 15. Chapter 12: Integrating with Secret Stores 16. Chapter 13: Case Studies and Real-World Examples 17. Chapter 14: Conclusion and the Future of Kubernetes Secrets Management 18. Index 19. Other Books You May Enjoy

Kubernetes-native encryption

Data in payloads written in etcd is not encrypted but encoded in base64, which is almost equivalent to clear text. Encrypting the data contained in the payload will protect from the aforementioned protection mechanisms, but not replace them!

Interestingly enough, we have established that our Kubernetes key-value store, also known as etcd, does not provide any encryption capabilities except for the networking part, nor does Kubernetes provide advanced KMS capabilities as HashiCorp Vault or Azure Key Vault would.

However, the Kubernetes project has designed a KMS framework within kube-apiserver, the service validating and configuring data for the API objects, to leverage one of the following encryption providers:

  • The identity provider is the default configuration, meaning no encryption is applied to the data field encoded in base64
  • The aes provider, with two options being aesgcm or aescbc, leverages the local encryption capabilities with...
lock icon The rest of the chapter is locked
arrow left Previous Section
Section 3 of 5
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at €18.99/month. Cancel anytime

Authors (3)

Left arrow icon
Profile icon Emmanouil Gkatziouras
Emmanouil Gkatziouras
LinkedIn icon Github icon
Emmanouil Gkatziouras started his career in software as a Java developer. Since 2015, he has worked daily with cloud providers such as GCP, AWS and Azure, and container orchestration tools such as Kubernetes. He has fulfilled many roles, either in lead positions or as an individual contributor. He enjoys being a versatile engineer and collaborating with development, platform, and architecture teams. He loves to give back to the developer community by contributing to open-source projects and by blogging on various software topics. He is committed to continuous learning and is a holder of certifications such as CKA, CCDAK, PSM, CKAD, and PSO. He is the author of ‘A Developer's Essential Guide to Docker Compose'.
Read more
See other products by Emmanouil Gkatziouras
Profile icon Chen Xi
Chen Xi
LinkedIn icon Github icon
Chen Xi is a highly skilled Uber Platform Engineer. As a Tech Leader, he contributed to the Secret and Key Management Platform service, leading and delivering secrets as a service with a 99.99% SLA for thousands of Uber container services across hybrid environments. His cloud infrastructure prowess is evident from his work on Google Kubernetes Engine (GKE) and the integration of Spire-based PKI systems. Prior to joining Uber, he worked at VMware, where he developed microservices for VMware's Hybrid Kubernetes management platform (Tanzu Mission Control) and VMware Kubernetes Engine for multi-cloud (Cloud PKS). Chen is also a contributing author to the Certified Kubernetes Security Specialist (CKS) exam.
Read more
See other products by Chen Xi
Profile icon Rom Adams
Rom Adams
LinkedIn icon Github icon
Rom Adams (né Romuald Vandepoel) is an open-source and C-Suite advisor with 20 years of experience in the IT industry. He is a cloud-native expert who helps organizations to modernize and transform with open-source solutions. He is advising companies and lawmakers on their open- and inner-source strategies. Previously, a Principal Architect at Ondat, a cloud-native storage company acquired by Akamai, where he designed products and hybrid cloud solutions and held roles at Tyco, NetApp, and Red Hat becoming a subject matter expert in hybrid cloud. He was moderator and speaker for several events, sharing his insights on culture, process, technology adoption, and passion about open innovation.
Read more
See other products by Rom Adams
Right arrow icon

Personalised recommendations for you

Based on your interests and search pattern
Left arrow icon
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Mastering PowerShell Scripting
Mastering PowerShell Scripting
Read more
PowerShell scripts provides a convenient method for automating tasks, using them proficiently can be challenging. This all-inclusive guide begins at the basics and covers advanced concepts, equipping you with tips to become an expert in PowerShell Core 7.3 scripting.
Read more
May 2024 27h 32m
Right arrow icon