You're reading from Modern DevOps Practices Implement and secure DevOps in the public cloud with cutting-edge tools, tips, tricks, and techniques

Product type Paperback

Published in Sep 2021

Publisher Packt

ISBN-13 9781800562387

Length 530 pages

Edition 1st Edition

Tools

Docker

Concepts

Continuous Delivery

Author (1):

Gaurav Agarwal

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Container Fundamentals and Best Practices

2. Chapter 1: The Move to Containers FREE CHAPTER

3. Chapter 2: Containerization with Docker

4. Chapter 3: Creating and Managing Container Images

5. Chapter 4: Container Orchestration with Kubernetes – Part I

6. Chapter 5: Container Orchestration with Kubernetes – Part II

7. Section 2: Delivering Containers

8. Chapter 6: Infrastructure as Code (IaC) with Terraform

9. Chapter 7: Configuration Management with Ansible

10. Chapter 8: IaC and Config Management in Action

11. Chapter 9: Containers as a Service (CaaS) and Serverless Computing for Containers

12. Chapter 10: Continuous Integration

13. Chapter 11: Continuous Deployment/Delivery with Spinnaker

14. Chapter 12: Securing the Deployment Pipeline

15. Section 3: Modern DevOps with GitOps

16. Chapter 13: Understanding DevOps with GitOps

17. Chapter 14: CI/CD Pipelines with GitOps

18. Other Books You May Enjoy

Managing sensitive configuration and Secrets

Sealed Secrets solves the problem of I can manage all my Kubernetes config in Git, except Secrets. Created by Bitnami Labs and open sourced, they help you encrypt your Kubernetes Secrets into Sealed Secrets using asymmetric cryptography that only the Sealed Secrets controller running on the cluster can decrypt. That means you can store the Sealed Secrets in Git and use GitOps to set up everything, including Secrets.

Sealed Secrets comprise two components:

A client-side utility called kubeseal helps us generate Sealed Secrets out of standard Kubernetes Secret YAML.
A cluster-side Kubernetes controller/operator unseals your secrets and provides the key certificate to the client-side utility.

The typical workflow when using Sealed Secrets is illustrated in the following diagram:

Figure 14.9 – Sealed Secrets workflow

Now, let's go ahead and install the Sealed Secret operator in the next...