mirror of
https://github.com/Dannecron/netology-devops.git
synced 2025-12-25 15:22:37 +03:00
19 KiB
19 KiB
Выполнение домашнего задания по теме "14.1. Создание и использование секретов"
Q/A
Задача 1
Работа с секретами через утилиту kubectl в установленном minikube.
Выполните приведённые ниже команды в консоли, получите вывод команд. Сохраните задачу 1 как справочный материал.
Как создать секрет?
openssl genrsa -out certs/cert.key 4096 openssl req -x509 -new -key certs/cert.key -days 3650 -out certs/cert.crt \ -subj '/C=RU/ST=Moscow/L=Moscow/CN=server.local' kubectl create secret tls domain-cert --cert=certs/cert.crt --key=certs/cert.key
Generating RSA private key, 4096 bit long modulus (2 primes)
....................................................................................................................++++
........................++++
secret/domain-cert created
Как просмотреть список секретов?
kubectl get secrets kubectl get secret
NAME TYPE DATA AGE
domain-cert kubernetes.io/tls 2 10s
Как просмотреть секрет?
kubectl describe secret domain-cert
Name: domain-cert
Namespace: default
Labels: <none>
Annotations: <none>
Type: kubernetes.io/tls
Data
====
tls.crt: 1944 bytes
tls.key: 3243 bytes
Как получить информацию в формате YAML и/или JSON?
kubectl get secret domain-cert -o yaml kubectl get secret domain-cert -o json
apiVersion: v1
data:
tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQTFXZ0F3SUJBZ0lVQytTaXBYUHR6R0tFb0d1MGNucCtWcmFiRUpZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JqRUxNQWtHQTFVRUJoTUNVbFV4RHpBTkJnTlZCQWdNQmsxdmMyTnZkekVQTUEwR0ExVUVCd3dHVFc5egpZMjkzTVJVd0V3WURWUVFEREF4elpYSjJaWEl1Ykc5allXd3dIaGNOTWpJeE1qSXpNREkxTURNMFdoY05Nekl4Ck1qSXdNREkxTURNMFdqQkdNUXN3Q1FZRFZRUUdFd0pTVlRFUE1BMEdBMVVFQ0F3R1RXOXpZMjkzTVE4d0RRWUQKVlFRSERBWk5iM05qYjNjeEZUQVRCZ05WQkFNTURITmxjblpsY2k1c2IyTmhiRENDQWlJd0RRWUpLb1pJaHZjTgpBUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBSjJIUXJ4NUFoanU5azBqWkwrWUhydXp3TlhSekwvZFRkUW1pR2FjClFXWGozU3pJTTFpUEZwRnlOMTBxaERDS1RpeTIvRXdWWWZTYXhGUmh1c3ZqSHpUczBzdU51c1RhT09FR2g5ZGsKaXQ3Y010dWMwU29aa3QyTTE4VUQ1L0Zzem0xbTVQNlhBTERHZlNoTWM3ZFRiV3o1dE91S3Uwbi9ia3JuaFl1SgpSM1FIa2RxelZQMTk4bmxGbitGeko3SDJFbkt3d2kwM0FPN0xNK0lVZHI2K3FNZytKUDZnK1pCZG82S1NsMGw3ClVkL1RkZExHMUZRNlF4UUFoTHJkdVVXaUFKaUJ6Vk14dHlKL3FTVWlKd0E2eGwyN3pxVjFHZ0NEVlh2cmQzYVQKQVFjdVYvallSdUtmSnVxK1N5V3B0RzVXcXJWcCsyTm8zWG5RMHpnd0JKQmlWa0s4WVZ3VGVLN2s5QkdVdWJHbApuaVArRHhCLzlQWS91TFhzVEcrSXRyblVDaTFyWlRoNFVzNitwVlFqNG5oNkZKUk5WTUxIbnRPdXpwbUJrZ3ZPClVIblp5STlmOHhRVUFtUTN6Y3Jwc0hSZlRaZmFMS2QycUFxS2tiYTcyM3Uyb041cldUcU84MjVZTUF5Qk80VWUKOVdTcmdteWZrbDhIWUQ4NHMyam8wNGQzVVNqM1dCNDRLR3lscGxlVHZWc3hsY3hGa2UwRSsvSDFxdmN0SjdvaApiZW1LRGRTNkYwTUNHQWhVZmVWdkZEN24rdTFsbnU5VlNxeEpGMHk0TlF6Tmd3MEovbTA3MDZ5UytIY1RYQWw2CkY3emtaODVNcGpydGQ0ODRoMkdITGJKNHlyYUpFdlhFOFNLUDlTVEQ4WW9BeWdJQmYzTWZmU0ZBTHllSzdITCsKOERKQkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFmQmdOVgpIU01FR0RBV2dCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElDQVFCWFVIUHZxVVlWVHNYVmFLWkhzd1djUjZ2WVlhZFc5TWU1RndXMjkydUkKTkdGRys4UHhPN2NEalFwTnAzd09ZcTMxc1RQUUhvVGV3dDM2WG9XQ1VYdHUrSEpDY081YndDc1EvMHVhZGVSdwpST0VuQXE3a2JQNDFWZEp3bDZDUjk2TitMZVNyTnYzSzBSOUlLR2xSNXNVbFRBUytVZkpLeXN6Vi9ydFE4V1pvCjRydWxrWWZTRVR6OFd0R1BxVmpCRTNhTzU0bFd0Q3lCcUNyK3ZUeWdDQkdjM3V6ZTRZVk9weTJNV1NmU29QQmcKVWRJM09FakpETVU0RFY3bW5QSjkwaXRnNlJvS0JjcEliSjc5UVNLUlRWVHoxTkFBNTVMQjVkY3pYOHlOQ2R3ZgpMcVpDSHBZV1VnN2drQWdlaUsyR3VERmxXcHFvMmVoeGQ1eXZja3pIWlpqb05ZdnFiUDZFKzg4d3Z0aEVnR05CCmNzeERPM29GUGV5RlVTaStKMmZDVGRTUVBHS0dCMUlRR1BFN1lvaHdlQUlZazh1bStBR0VRMVBlSnhnWVVpdnMKQkpOMEZIWW1PN0RaeEIzYmxvejBPZnVGenlzckdPbnJvdHZWUDVwNXVNTFpMOVdjL0RPSWlIcjdDYURuVnA4aworY1ZYRUJOaU4zTmI5VTczSTJHNStWeGJIcE51VERxcGxkL1ZIcjhjbTJLdlVGSGVlUElTQ3JQZHBJalBVNldVCllIQVFaenBZbUozLzczQTQ3a3E5NTBjQU1uYVVJY0lzemxjN002TXpzbzJYaU8rRE5VMkp3b1orS3p0alJXS2cKWWxuY1lDK0N0aVpadllWbGFqc01mblg3bEJ6STNYRnJScjFlejk5ZjFXNWdlRHJPUGh3ZnhXS1pmaUdJUW52LwpHZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBbllkQ3ZIa0NHTzcyVFNOa3Y1Z2V1N1BBMWRITXY5MU4xQ2FJWnB4QlplUGRMTWd6CldJOFdrWEkzWFNxRU1JcE9MTGI4VEJWaDlKckVWR0c2eStNZk5PelN5NDI2eE5vNDRRYUgxMlNLM3R3eTI1elIKS2htUzNZelh4UVBuOFd6T2JXYmsvcGNBc01aOUtFeHp0MU50YlBtMDY0cTdTZjl1U3VlRmk0bEhkQWVSMnJOVQovWDN5ZVVXZjRYTW5zZllTY3JEQ0xUY0E3c3N6NGhSMnZyNm95RDRrL3FENWtGMmpvcEtYU1h0UjM5TjEwc2JVClZEcERGQUNFdXQyNVJhSUFtSUhOVXpHM0luK3BKU0luQURyR1hidk9wWFVhQUlOVmUrdDNkcE1CQnk1WCtOaEcKNHA4bTZyNUxKYW0wYmxhcXRXbjdZMmpkZWREVE9EQUVrR0pXUXJ4aFhCTjRydVQwRVpTNXNhV2VJLzRQRUgvMAo5ais0dGV4TWI0aTJ1ZFFLTFd0bE9IaFN6cjZsVkNQaWVIb1VsRTFVd3NlZTA2N09tWUdTQzg1UWVkbklqMS96CkZCUUNaRGZOeXVtd2RGOU5sOW9zcDNhb0NvcVJ0cnZiZTdhZzNtdFpPbzd6Ymxnd0RJRTdoUjcxWkt1Q2JKK1MKWHdkZ1B6aXphT2pUaDNkUktQZFlIamdvYktXbVY1TzlXekdWekVXUjdRVDc4ZldxOXkwbnVpRnQ2WW9OMUxvWApRd0lZQ0ZSOTVXOFVQdWY2N1dXZTcxVktyRWtYVExnMURNMkREUW4rYlR2VHJKTDRkeE5jQ1hvWHZPUm56a3ltCk91MTNqemlIWVljdHNuakt0b2tTOWNUeElvLzFKTVB4aWdES0FnRi9jeDk5SVVBdko0cnNjdjd3TWtFQ0F3RUEKQVFLQ0FnRUFpazNPSHZGVEVSY0VjaGRJQmhzRnFLQ2FCbUJybG13elA3Y1EvSjNsb1JKZEJrdERJVmFIWnUxVApoRjJtcjROT1BWM3V4dEhqTGNHUDY5SGVFZEgzZlIwTHVhRld3Q3dqMGhWTXdLUktkSDM1dk96Q2kyYm1sZE5wClFWVTdsN0NDMEhTTlNxVEMrM0ZaUXo5VVBUbG5FazF1TlhxWkVzL0xRc0pnY25EMXBmNWJaUnNiM0c5dXFtQ2gKald2d0J3UFhrSkIxK3dLV3RCRCtIVmtBSkZuNmo4eFg2S0xtV1lTTS9WZ2NzV3d2SndkZUk4OWpiZ3UxQnVPcApwUEswRGxtOGtpa3NYd1dBRnk3a0QzRWJzc3puaWpZd3FQM1Y5V3RaYXpJQnNiNUJJYy9qZHR4VDUvWDVVaEgrCm9qT0w4Vy92OHRUNDNIK2VLNnhYTmJhYTJ6VXJLNDJpQ2toUlBTZjQxNmdZYUZvRDk1dkxScjcrbUNVeWtRaC8KOFIyeTc1UFMrbHNVZ2JKZExocUwxZUZRSUV4ZTBvbDdrVFZYN01JbXo4TGNhVjNJUjJXQklpS2FXTFFXcGRuQgpGUzhqdVV3MGZYZU56Kzk3SnlRRmlPVWhxRlVOMEJMd200ZzF5WDhoYVp6NXBhemVtdTRvMHE5YjMwakN0NUNQCnpZOTdXRXdFbTYyaVZNOWZ6ZlZMUW1pT2FSWW9pVlpPZTJGL0ZWSWMxZzNqalZ1aGlEMWZTcm11UXl3Y2Y2aGsKVEdQVnhDWTU5ZDQ0WjJ6dmU3M2FGaFJLUjI5M2dWZG1RMUR2d1FBWmFDbUNTQWFuUER2ZkRQS21seU45VFNWYQpzR3hzR0VRMzFTeWpoSVIzN2xOOWttN2lLNlg4UTZqNWw0Y3c4NXJuSElpbzRydVErWDBDZ2dFQkFOQmIrVWZrClRGTFdxbVgyZ3FjSy9zc3NpYWsxc1IwREo2eXVzb29XSXU4WU40QnNUWlAwOFA0c2FjWVdjbVQrS3JTUS9YWGQKZXdZYzhna1hjamxMYUhQUjZXQ045S1p2czNpbVNKTEk2bjBIM1lGU0ZEWU8zcmpBUTJtQWRSalFlZXJjTGx4SQprVTJ6SUQ1dUo1K3kzYlpjTk1KTm5JN2U5YzdGQXRFd1JEZmNnWWdubHJ5ajlMSlROby90eTI3cHcxdGpoK1NUCmNpWm5vM1NtMHRxNWhPeEFqaDBneHh4dmxFR2F0TGE1VG03cWZsVk9VSStNZFpYUzVnTjZnb2FWZ2pGYTh4cWIKclNodVBUV3RMTE9wMHdzVHJOZGZqbzlqKzlWUjRjUzRsdTB1WEdFZlE1VW9kUDFleXl4YW9iT0x0L2NOS20vcQpRaEg0MFFQcnF0cHNQYXNDZ2dFQkFNR0wrQVN5RVZVcWRvWU0xbDJJSGhYcjN6cWlOa1daeTkxVWVLVFRSd1l0CmlkajhLWGN2VnQwUlBDTUR3cFBiV0l6NE5KajhWQTNDS2xidFV5b1phS0VoWktDYWhTbzVmVk4xVnFnYlBZVFYKQngzNDhXWk45Ym5hSFFTNVoxc1NWQmxXRVFXSXBYTDZFTUZ5UDRESHZZRmNjTmJqOWdDaXgxQ1ZNQzlpSU1ZeAp3T0REWE4yR2NtdDBsb055OE14bmJCUUpCZ1JmTzRPaXNzcWdidm1DQWNVYWRIVVZ5TkVnYXNNZVpXMi9JNHliCjNaTlZIR2tnRm5BY3hkcWNsS3ZpUzdhUWN3VGxKVlA5WkNzOUlGRnJlZEJ6aUp6MXpDZ0dzbkcxb3NCd2pyZ2kKRFZFcFVRczVJc1FWcWJUQlppSFBvSDdwTGxJem0zeThsdDlBRFMva3E4TUNnZ0VBWXBYeUdDc1VWZW5PVEZwYwpMVytOYVZMVWUrUzB2ZFo5VWo2Q3FjV1psK21zY1M1TmNxRmwyYzNuNmxzNm0wQ0xzazRjTDBXeGJRNExFM1F0CmpxQjRkcnl1b1FucDVVcGE3ODQxN29YME5WNmdWdzBnRlFmcUtCNklod1hKNGdqYWR0N2hiTGJGVWE5Y3BVMTMKb0IrQXVrVmNqVWN0dVlnVFpGZGhZdHRrbTgzUTJEeHJIU3l5bmlHellseVFjaFZYWXdsd0JoNGgxN3dYNGgwQgpEWTdVTHZqSWhVMjZDR0ZmRTcrQW5DaUh6UUZVNzBZVDVpZitodnAzN05OdHFRSmF6TUdNMzEwampFckUyWDNyCjljSjM0ZmpZUWp1cmQzdEdjQVBEUUZKYXp6U3RieUxjMWxtREtWTk43Tm1oUXhQcjRwQXZNUzcxUGcydDBCNFYKQkM1TTZ3S0NBUUJXY29ZYzBzd2JGaFJLVzRHRDFVQmEyamVpb01GTTVSekJodkU3N1lKVHFCTmg3MzgxMU5jZgpkb3M5dUhnNFFraVM3bW5QeXlSZjRORzRjZGdyZlozV0dtd3ZyOVM2djJMUzNCNFFoOW82Y2t2emZ6V1RWRTdrCjdCNzU5VFhNMzZyZ2hpaWtLQng5OW1OMWcrb0pReTNKa2RoMG91MUY2MjdLOTFmR1VqWUJVRWV1SEpSbC9aOHQKajYyS21OUWsrQ3kxNWpIaDBnZHJERWgvYUprb3FJRFI0TGNUZE45MVNOMW11VFRraC9NQTRyMWRDUzdmWlkyZwpGYm5wb3Zaa3IzYlIzRU1EZExYdmhjWXY2ZVY5ZUZ1NFYySTFlVFB1ek03M0t3Rytvb2VjaHRrYjN6QnJxdUYwClk1aWhPNkM2aVZwT1ZTaHpYc21jTlQvT0IzWGNabTZ4QW9JQkFEUVluSnBxaWN3b21mNml5Qnp6OVhiMVZTbmsKTmx4SWZ3QnJ4Ykx5M0Qra2FPWU5GVy8rVFE4QmlKZk1CaEFFRGRlS3hVS255MHJYaVVkaGtVYnVtQjE2RnlUdwo5cE8vQkRPVVk1bHc5VisvcDhjb1JvT1YvdFV4Skt5QnZyLzJhT1Z0T1B4Y2NqV3Urejc0dFZhUmhMMjVkaGlnCktQSzltTTdDK3Zwbk9SdnB4OG5ISEp1dHBUcU55ZjViVzFGNnR1OENwbWtkV2pRQjlkZzJPd0hwbnBpU21qTUoKbmF6aWRVUUVPbDZWQWtVRU1EbnZmTkp4dDFZdktDQjFqZEQ3S0syZjdJYnhpb3dPa0RKUm81aHQxK3Vma1h0eQpESGFwZHdUWnBselYweDNFdTg4TExSTUJQcUU1b3B5eTVMMVV2MUM1cHZxTFB1YzIxeUFrM3d0NmJQMD0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K
kind: Secret
metadata:
creationTimestamp: "2022-12-23T03:02:49Z"
name: domain-cert
namespace: default
resourceVersion: "1438"
uid: f842ef20-1302-4255-bd4d-1cf2f5b92a78
type: kubernetes.io/tls
{
"apiVersion": "v1",
"data": {
"tls.crt": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQTFXZ0F3SUJBZ0lVQytTaXBYUHR6R0tFb0d1MGNucCtWcmFiRUpZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JqRUxNQWtHQTFVRUJoTUNVbFV4RHpBTkJnTlZCQWdNQmsxdmMyTnZkekVQTUEwR0ExVUVCd3dHVFc5egpZMjkzTVJVd0V3WURWUVFEREF4elpYSjJaWEl1Ykc5allXd3dIaGNOTWpJeE1qSXpNREkxTURNMFdoY05Nekl4Ck1qSXdNREkxTURNMFdqQkdNUXN3Q1FZRFZRUUdFd0pTVlRFUE1BMEdBMVVFQ0F3R1RXOXpZMjkzTVE4d0RRWUQKVlFRSERBWk5iM05qYjNjeEZUQVRCZ05WQkFNTURITmxjblpsY2k1c2IyTmhiRENDQWlJd0RRWUpLb1pJaHZjTgpBUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBSjJIUXJ4NUFoanU5azBqWkwrWUhydXp3TlhSekwvZFRkUW1pR2FjClFXWGozU3pJTTFpUEZwRnlOMTBxaERDS1RpeTIvRXdWWWZTYXhGUmh1c3ZqSHpUczBzdU51c1RhT09FR2g5ZGsKaXQ3Y010dWMwU29aa3QyTTE4VUQ1L0Zzem0xbTVQNlhBTERHZlNoTWM3ZFRiV3o1dE91S3Uwbi9ia3JuaFl1SgpSM1FIa2RxelZQMTk4bmxGbitGeko3SDJFbkt3d2kwM0FPN0xNK0lVZHI2K3FNZytKUDZnK1pCZG82S1NsMGw3ClVkL1RkZExHMUZRNlF4UUFoTHJkdVVXaUFKaUJ6Vk14dHlKL3FTVWlKd0E2eGwyN3pxVjFHZ0NEVlh2cmQzYVQKQVFjdVYvallSdUtmSnVxK1N5V3B0RzVXcXJWcCsyTm8zWG5RMHpnd0JKQmlWa0s4WVZ3VGVLN2s5QkdVdWJHbApuaVArRHhCLzlQWS91TFhzVEcrSXRyblVDaTFyWlRoNFVzNitwVlFqNG5oNkZKUk5WTUxIbnRPdXpwbUJrZ3ZPClVIblp5STlmOHhRVUFtUTN6Y3Jwc0hSZlRaZmFMS2QycUFxS2tiYTcyM3Uyb041cldUcU84MjVZTUF5Qk80VWUKOVdTcmdteWZrbDhIWUQ4NHMyam8wNGQzVVNqM1dCNDRLR3lscGxlVHZWc3hsY3hGa2UwRSsvSDFxdmN0SjdvaApiZW1LRGRTNkYwTUNHQWhVZmVWdkZEN24rdTFsbnU5VlNxeEpGMHk0TlF6Tmd3MEovbTA3MDZ5UytIY1RYQWw2CkY3emtaODVNcGpydGQ0ODRoMkdITGJKNHlyYUpFdlhFOFNLUDlTVEQ4WW9BeWdJQmYzTWZmU0ZBTHllSzdITCsKOERKQkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFmQmdOVgpIU01FR0RBV2dCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElDQVFCWFVIUHZxVVlWVHNYVmFLWkhzd1djUjZ2WVlhZFc5TWU1RndXMjkydUkKTkdGRys4UHhPN2NEalFwTnAzd09ZcTMxc1RQUUhvVGV3dDM2WG9XQ1VYdHUrSEpDY081YndDc1EvMHVhZGVSdwpST0VuQXE3a2JQNDFWZEp3bDZDUjk2TitMZVNyTnYzSzBSOUlLR2xSNXNVbFRBUytVZkpLeXN6Vi9ydFE4V1pvCjRydWxrWWZTRVR6OFd0R1BxVmpCRTNhTzU0bFd0Q3lCcUNyK3ZUeWdDQkdjM3V6ZTRZVk9weTJNV1NmU29QQmcKVWRJM09FakpETVU0RFY3bW5QSjkwaXRnNlJvS0JjcEliSjc5UVNLUlRWVHoxTkFBNTVMQjVkY3pYOHlOQ2R3ZgpMcVpDSHBZV1VnN2drQWdlaUsyR3VERmxXcHFvMmVoeGQ1eXZja3pIWlpqb05ZdnFiUDZFKzg4d3Z0aEVnR05CCmNzeERPM29GUGV5RlVTaStKMmZDVGRTUVBHS0dCMUlRR1BFN1lvaHdlQUlZazh1bStBR0VRMVBlSnhnWVVpdnMKQkpOMEZIWW1PN0RaeEIzYmxvejBPZnVGenlzckdPbnJvdHZWUDVwNXVNTFpMOVdjL0RPSWlIcjdDYURuVnA4aworY1ZYRUJOaU4zTmI5VTczSTJHNStWeGJIcE51VERxcGxkL1ZIcjhjbTJLdlVGSGVlUElTQ3JQZHBJalBVNldVCllIQVFaenBZbUozLzczQTQ3a3E5NTBjQU1uYVVJY0lzemxjN002TXpzbzJYaU8rRE5VMkp3b1orS3p0alJXS2cKWWxuY1lDK0N0aVpadllWbGFqc01mblg3bEJ6STNYRnJScjFlejk5ZjFXNWdlRHJPUGh3ZnhXS1pmaUdJUW52LwpHZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
"tls.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBbllkQ3ZIa0NHTzcyVFNOa3Y1Z2V1N1BBMWRITXY5MU4xQ2FJWnB4QlplUGRMTWd6CldJOFdrWEkzWFNxRU1JcE9MTGI4VEJWaDlKckVWR0c2eStNZk5PelN5NDI2eE5vNDRRYUgxMlNLM3R3eTI1elIKS2htUzNZelh4UVBuOFd6T2JXYmsvcGNBc01aOUtFeHp0MU50YlBtMDY0cTdTZjl1U3VlRmk0bEhkQWVSMnJOVQovWDN5ZVVXZjRYTW5zZllTY3JEQ0xUY0E3c3N6NGhSMnZyNm95RDRrL3FENWtGMmpvcEtYU1h0UjM5TjEwc2JVClZEcERGQUNFdXQyNVJhSUFtSUhOVXpHM0luK3BKU0luQURyR1hidk9wWFVhQUlOVmUrdDNkcE1CQnk1WCtOaEcKNHA4bTZyNUxKYW0wYmxhcXRXbjdZMmpkZWREVE9EQUVrR0pXUXJ4aFhCTjRydVQwRVpTNXNhV2VJLzRQRUgvMAo5ais0dGV4TWI0aTJ1ZFFLTFd0bE9IaFN6cjZsVkNQaWVIb1VsRTFVd3NlZTA2N09tWUdTQzg1UWVkbklqMS96CkZCUUNaRGZOeXVtd2RGOU5sOW9zcDNhb0NvcVJ0cnZiZTdhZzNtdFpPbzd6Ymxnd0RJRTdoUjcxWkt1Q2JKK1MKWHdkZ1B6aXphT2pUaDNkUktQZFlIamdvYktXbVY1TzlXekdWekVXUjdRVDc4ZldxOXkwbnVpRnQ2WW9OMUxvWApRd0lZQ0ZSOTVXOFVQdWY2N1dXZTcxVktyRWtYVExnMURNMkREUW4rYlR2VHJKTDRkeE5jQ1hvWHZPUm56a3ltCk91MTNqemlIWVljdHNuakt0b2tTOWNUeElvLzFKTVB4aWdES0FnRi9jeDk5SVVBdko0cnNjdjd3TWtFQ0F3RUEKQVFLQ0FnRUFpazNPSHZGVEVSY0VjaGRJQmhzRnFLQ2FCbUJybG13elA3Y1EvSjNsb1JKZEJrdERJVmFIWnUxVApoRjJtcjROT1BWM3V4dEhqTGNHUDY5SGVFZEgzZlIwTHVhRld3Q3dqMGhWTXdLUktkSDM1dk96Q2kyYm1sZE5wClFWVTdsN0NDMEhTTlNxVEMrM0ZaUXo5VVBUbG5FazF1TlhxWkVzL0xRc0pnY25EMXBmNWJaUnNiM0c5dXFtQ2gKald2d0J3UFhrSkIxK3dLV3RCRCtIVmtBSkZuNmo4eFg2S0xtV1lTTS9WZ2NzV3d2SndkZUk4OWpiZ3UxQnVPcApwUEswRGxtOGtpa3NYd1dBRnk3a0QzRWJzc3puaWpZd3FQM1Y5V3RaYXpJQnNiNUJJYy9qZHR4VDUvWDVVaEgrCm9qT0w4Vy92OHRUNDNIK2VLNnhYTmJhYTJ6VXJLNDJpQ2toUlBTZjQxNmdZYUZvRDk1dkxScjcrbUNVeWtRaC8KOFIyeTc1UFMrbHNVZ2JKZExocUwxZUZRSUV4ZTBvbDdrVFZYN01JbXo4TGNhVjNJUjJXQklpS2FXTFFXcGRuQgpGUzhqdVV3MGZYZU56Kzk3SnlRRmlPVWhxRlVOMEJMd200ZzF5WDhoYVp6NXBhemVtdTRvMHE5YjMwakN0NUNQCnpZOTdXRXdFbTYyaVZNOWZ6ZlZMUW1pT2FSWW9pVlpPZTJGL0ZWSWMxZzNqalZ1aGlEMWZTcm11UXl3Y2Y2aGsKVEdQVnhDWTU5ZDQ0WjJ6dmU3M2FGaFJLUjI5M2dWZG1RMUR2d1FBWmFDbUNTQWFuUER2ZkRQS21seU45VFNWYQpzR3hzR0VRMzFTeWpoSVIzN2xOOWttN2lLNlg4UTZqNWw0Y3c4NXJuSElpbzRydVErWDBDZ2dFQkFOQmIrVWZrClRGTFdxbVgyZ3FjSy9zc3NpYWsxc1IwREo2eXVzb29XSXU4WU40QnNUWlAwOFA0c2FjWVdjbVQrS3JTUS9YWGQKZXdZYzhna1hjamxMYUhQUjZXQ045S1p2czNpbVNKTEk2bjBIM1lGU0ZEWU8zcmpBUTJtQWRSalFlZXJjTGx4SQprVTJ6SUQ1dUo1K3kzYlpjTk1KTm5JN2U5YzdGQXRFd1JEZmNnWWdubHJ5ajlMSlROby90eTI3cHcxdGpoK1NUCmNpWm5vM1NtMHRxNWhPeEFqaDBneHh4dmxFR2F0TGE1VG03cWZsVk9VSStNZFpYUzVnTjZnb2FWZ2pGYTh4cWIKclNodVBUV3RMTE9wMHdzVHJOZGZqbzlqKzlWUjRjUzRsdTB1WEdFZlE1VW9kUDFleXl4YW9iT0x0L2NOS20vcQpRaEg0MFFQcnF0cHNQYXNDZ2dFQkFNR0wrQVN5RVZVcWRvWU0xbDJJSGhYcjN6cWlOa1daeTkxVWVLVFRSd1l0CmlkajhLWGN2VnQwUlBDTUR3cFBiV0l6NE5KajhWQTNDS2xidFV5b1phS0VoWktDYWhTbzVmVk4xVnFnYlBZVFYKQngzNDhXWk45Ym5hSFFTNVoxc1NWQmxXRVFXSXBYTDZFTUZ5UDRESHZZRmNjTmJqOWdDaXgxQ1ZNQzlpSU1ZeAp3T0REWE4yR2NtdDBsb055OE14bmJCUUpCZ1JmTzRPaXNzcWdidm1DQWNVYWRIVVZ5TkVnYXNNZVpXMi9JNHliCjNaTlZIR2tnRm5BY3hkcWNsS3ZpUzdhUWN3VGxKVlA5WkNzOUlGRnJlZEJ6aUp6MXpDZ0dzbkcxb3NCd2pyZ2kKRFZFcFVRczVJc1FWcWJUQlppSFBvSDdwTGxJem0zeThsdDlBRFMva3E4TUNnZ0VBWXBYeUdDc1VWZW5PVEZwYwpMVytOYVZMVWUrUzB2ZFo5VWo2Q3FjV1psK21zY1M1TmNxRmwyYzNuNmxzNm0wQ0xzazRjTDBXeGJRNExFM1F0CmpxQjRkcnl1b1FucDVVcGE3ODQxN29YME5WNmdWdzBnRlFmcUtCNklod1hKNGdqYWR0N2hiTGJGVWE5Y3BVMTMKb0IrQXVrVmNqVWN0dVlnVFpGZGhZdHRrbTgzUTJEeHJIU3l5bmlHellseVFjaFZYWXdsd0JoNGgxN3dYNGgwQgpEWTdVTHZqSWhVMjZDR0ZmRTcrQW5DaUh6UUZVNzBZVDVpZitodnAzN05OdHFRSmF6TUdNMzEwampFckUyWDNyCjljSjM0ZmpZUWp1cmQzdEdjQVBEUUZKYXp6U3RieUxjMWxtREtWTk43Tm1oUXhQcjRwQXZNUzcxUGcydDBCNFYKQkM1TTZ3S0NBUUJXY29ZYzBzd2JGaFJLVzRHRDFVQmEyamVpb01GTTVSekJodkU3N1lKVHFCTmg3MzgxMU5jZgpkb3M5dUhnNFFraVM3bW5QeXlSZjRORzRjZGdyZlozV0dtd3ZyOVM2djJMUzNCNFFoOW82Y2t2emZ6V1RWRTdrCjdCNzU5VFhNMzZyZ2hpaWtLQng5OW1OMWcrb0pReTNKa2RoMG91MUY2MjdLOTFmR1VqWUJVRWV1SEpSbC9aOHQKajYyS21OUWsrQ3kxNWpIaDBnZHJERWgvYUprb3FJRFI0TGNUZE45MVNOMW11VFRraC9NQTRyMWRDUzdmWlkyZwpGYm5wb3Zaa3IzYlIzRU1EZExYdmhjWXY2ZVY5ZUZ1NFYySTFlVFB1ek03M0t3Rytvb2VjaHRrYjN6QnJxdUYwClk1aWhPNkM2aVZwT1ZTaHpYc21jTlQvT0IzWGNabTZ4QW9JQkFEUVluSnBxaWN3b21mNml5Qnp6OVhiMVZTbmsKTmx4SWZ3QnJ4Ykx5M0Qra2FPWU5GVy8rVFE4QmlKZk1CaEFFRGRlS3hVS255MHJYaVVkaGtVYnVtQjE2RnlUdwo5cE8vQkRPVVk1bHc5VisvcDhjb1JvT1YvdFV4Skt5QnZyLzJhT1Z0T1B4Y2NqV3Urejc0dFZhUmhMMjVkaGlnCktQSzltTTdDK3Zwbk9SdnB4OG5ISEp1dHBUcU55ZjViVzFGNnR1OENwbWtkV2pRQjlkZzJPd0hwbnBpU21qTUoKbmF6aWRVUUVPbDZWQWtVRU1EbnZmTkp4dDFZdktDQjFqZEQ3S0syZjdJYnhpb3dPa0RKUm81aHQxK3Vma1h0eQpESGFwZHdUWnBselYweDNFdTg4TExSTUJQcUU1b3B5eTVMMVV2MUM1cHZxTFB1YzIxeUFrM3d0NmJQMD0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K"
},
"kind": "Secret",
"metadata": {
"creationTimestamp": "2022-12-23T03:02:49Z",
"name": "domain-cert",
"namespace": "default",
"resourceVersion": "1438",
"uid": "f842ef20-1302-4255-bd4d-1cf2f5b92a78"
},
"type": "kubernetes.io/tls"
}
Как выгрузить секрет и сохранить его в файл?
kubectl get secrets -o json > secrets/secrets.json kubectl get secret domain-cert -o yaml > secrets/domain-cert.yml
Файлы сохранены в директорию secrets.
Как удалить секрет?
kubectl delete secret domain-cert
secret "domain-cert" deleted
Как загрузить секрет из файла?
kubectl apply -f secrets/domain-cert.yml
secret/domain-cert created
Задача 2
Работа с секретами внутри модуля.
Выберите любимый образ контейнера, подключите секреты и проверьте их доступность как в виде переменных окружения, так и в виде примонтированного тома.
Для подключения будет использоваться секрет с сертификатами, созданный в предыдущем задании. Дополнительно будет создан новый секрет со значениями "имя пользователя" и "пароль".
Для начала нужно применить конфигурацию нового секрета в кластере:
kubectl apply -f config/test_secret.yml
Проверка, что секрет был успешно создан:
kubectl get secret
NAME TYPE DATA AGE
domain-cert kubernetes.io/tls 2 12m
test-secret Opaque 2 40s
Затем необходимо применить конфигурацию пода с подключёнными секретами config/test_pod.yml:
kubectl apply -f config/test_pod.yml
kubectl get po
NAME READY STATUS RESTARTS AGE
test-pod 1/1 Running 0 14s
После успешного старта пода нужно подключится к контейнеру и проверить, что переменные окружения были успешно созданы и существуют файлы сертификатов по указанному в конфигурации пути.
kubectl exec -it pods/test-pod -- sh
printenv | grep SOME_
ls -la /etc/nginx/ssl
# printenv
SOME_PASSWORD=pwd
SOME_USER=user
# ls
total 4
drwxrwxrwt 3 root root 120 Dec 23 03:19 .
drwxr-xr-x 1 root root 4096 Dec 23 03:19 ..
drwxr-xr-x 2 root root 80 Dec 23 03:19 ..2022_12_23_03_19_34.2837050582
lrwxrwxrwx 1 root root 32 Dec 23 03:19 ..data -> ..2022_12_23_03_19_34.2837050582
lrwxrwxrwx 1 root root 14 Dec 23 03:19 tls.crt -> ..data/tls.crt
lrwxrwxrwx 1 root root 14 Dec 23 03:19 tls.key -> ..data/tls.key