dannc/netology-devops
1
0
Fork 0
mirror of https://github.com/Dannecron/netology-devops.git synced 2025-12-25 15:22:37 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
82c8bbcd852c2fc94d2d6796bd57aafd8c780d5e
netology-devops/src/homework/14-kubernetes-security/14.1
History

readme.md

Выполнение домашнего задания по теме "14.1. Создание и использование секретов"

Q/A

Задача 1

Работа с секретами через утилиту kubectl в установленном minikube.

Выполните приведённые ниже команды в консоли, получите вывод команд. Сохраните задачу 1 как справочный материал.

Как создать секрет?

openssl genrsa -out certs/cert.key 4096
openssl req -x509 -new -key certs/cert.key -days 3650 -out certs/cert.crt \
  -subj '/C=RU/ST=Moscow/L=Moscow/CN=server.local'
kubectl create secret tls domain-cert --cert=certs/cert.crt --key=certs/cert.key

Generating RSA private key, 4096 bit long modulus (2 primes)
....................................................................................................................++++
........................++++

secret/domain-cert created

Как просмотреть список секретов?

kubectl get secrets
kubectl get secret

NAME          TYPE                DATA   AGE
domain-cert   kubernetes.io/tls   2      10s

Как просмотреть секрет?

kubectl describe secret domain-cert

Name:         domain-cert
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  kubernetes.io/tls

Data
====
tls.crt:  1944 bytes
tls.key:  3243 bytes

Как получить информацию в формате YAML и/или JSON?

kubectl get secret domain-cert -o yaml
kubectl get secret domain-cert -o json

apiVersion: v1
data:
  tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQTFXZ0F3SUJBZ0lVQytTaXBYUHR6R0tFb0d1MGNucCtWcmFiRUpZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JqRUxNQWtHQTFVRUJoTUNVbFV4RHpBTkJnTlZCQWdNQmsxdmMyTnZkekVQTUEwR0ExVUVCd3dHVFc5egpZMjkzTVJVd0V3WURWUVFEREF4elpYSjJaWEl1Ykc5allXd3dIaGNOTWpJeE1qSXpNREkxTURNMFdoY05Nekl4Ck1qSXdNREkxTURNMFdqQkdNUXN3Q1FZRFZRUUdFd0pTVlRFUE1BMEdBMVVFQ0F3R1RXOXpZMjkzTVE4d0RRWUQKVlFRSERBWk5iM05qYjNjeEZUQVRCZ05WQkFNTURITmxjblpsY2k1c2IyTmhiRENDQWlJd0RRWUpLb1pJaHZjTgpBUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBSjJIUXJ4NUFoanU5azBqWkwrWUhydXp3TlhSekwvZFRkUW1pR2FjClFXWGozU3pJTTFpUEZwRnlOMTBxaERDS1RpeTIvRXdWWWZTYXhGUmh1c3ZqSHpUczBzdU51c1RhT09FR2g5ZGsKaXQ3Y010dWMwU29aa3QyTTE4VUQ1L0Zzem0xbTVQNlhBTERHZlNoTWM3ZFRiV3o1dE91S3Uwbi9ia3JuaFl1SgpSM1FIa2RxelZQMTk4bmxGbitGeko3SDJFbkt3d2kwM0FPN0xNK0lVZHI2K3FNZytKUDZnK1pCZG82S1NsMGw3ClVkL1RkZExHMUZRNlF4UUFoTHJkdVVXaUFKaUJ6Vk14dHlKL3FTVWlKd0E2eGwyN3pxVjFHZ0NEVlh2cmQzYVQKQVFjdVYvallSdUtmSnVxK1N5V3B0RzVXcXJWcCsyTm8zWG5RMHpnd0JKQmlWa0s4WVZ3VGVLN2s5QkdVdWJHbApuaVArRHhCLzlQWS91TFhzVEcrSXRyblVDaTFyWlRoNFVzNitwVlFqNG5oNkZKUk5WTUxIbnRPdXpwbUJrZ3ZPClVIblp5STlmOHhRVUFtUTN6Y3Jwc0hSZlRaZmFMS2QycUFxS2tiYTcyM3Uyb041cldUcU84MjVZTUF5Qk80VWUKOVdTcmdteWZrbDhIWUQ4NHMyam8wNGQzVVNqM1dCNDRLR3lscGxlVHZWc3hsY3hGa2UwRSsvSDFxdmN0SjdvaApiZW1LRGRTNkYwTUNHQWhVZmVWdkZEN24rdTFsbnU5VlNxeEpGMHk0TlF6Tmd3MEovbTA3MDZ5UytIY1RYQWw2CkY3emtaODVNcGpydGQ0ODRoMkdITGJKNHlyYUpFdlhFOFNLUDlTVEQ4WW9BeWdJQmYzTWZmU0ZBTHllSzdITCsKOERKQkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFmQmdOVgpIU01FR0RBV2dCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElDQVFCWFVIUHZxVVlWVHNYVmFLWkhzd1djUjZ2WVlhZFc5TWU1RndXMjkydUkKTkdGRys4UHhPN2NEalFwTnAzd09ZcTMxc1RQUUhvVGV3dDM2WG9XQ1VYdHUrSEpDY081YndDc1EvMHVhZGVSdwpST0VuQXE3a2JQNDFWZEp3bDZDUjk2TitMZVNyTnYzSzBSOUlLR2xSNXNVbFRBUytVZkpLeXN6Vi9ydFE4V1pvCjRydWxrWWZTRVR6OFd0R1BxVmpCRTNhTzU0bFd0Q3lCcUNyK3ZUeWdDQkdjM3V6ZTRZVk9weTJNV1NmU29QQmcKVWRJM09FakpETVU0RFY3bW5QSjkwaXRnNlJvS0JjcEliSjc5UVNLUlRWVHoxTkFBNTVMQjVkY3pYOHlOQ2R3ZgpMcVpDSHBZV1VnN2drQWdlaUsyR3VERmxXcHFvMmVoeGQ1eXZja3pIWlpqb05ZdnFiUDZFKzg4d3Z0aEVnR05CCmNzeERPM29GUGV5RlVTaStKMmZDVGRTUVBHS0dCMUlRR1BFN1lvaHdlQUlZazh1bStBR0VRMVBlSnhnWVVpdnMKQkpOMEZIWW1PN0RaeEIzYmxvejBPZnVGenlzckdPbnJvdHZWUDVwNXVNTFpMOVdjL0RPSWlIcjdDYURuVnA4aworY1ZYRUJOaU4zTmI5VTczSTJHNStWeGJIcE51VERxcGxkL1ZIcjhjbTJLdlVGSGVlUElTQ3JQZHBJalBVNldVCllIQVFaenBZbUozLzczQTQ3a3E5NTBjQU1uYVVJY0lzemxjN002TXpzbzJYaU8rRE5VMkp3b1orS3p0alJXS2cKWWxuY1lDK0N0aVpadllWbGFqc01mblg3bEJ6STNYRnJScjFlejk5ZjFXNWdlRHJPUGh3ZnhXS1pmaUdJUW52LwpHZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
  tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBbllkQ3ZIa0NHTzcyVFNOa3Y1Z2V1N1BBMWRITXY5MU4xQ2FJWnB4QlplUGRMTWd6CldJOFdrWEkzWFNxRU1JcE9MTGI4VEJWaDlKckVWR0c2eStNZk5PelN5NDI2eE5vNDRRYUgxMlNLM3R3eTI1elIKS2htUzNZelh4UVBuOFd6T2JXYmsvcGNBc01aOUtFeHp0MU50YlBtMDY0cTdTZjl1U3VlRmk0bEhkQWVSMnJOVQovWDN5ZVVXZjRYTW5zZllTY3JEQ0xUY0E3c3N6NGhSMnZyNm95RDRrL3FENWtGMmpvcEtYU1h0UjM5TjEwc2JVClZEcERGQUNFdXQyNVJhSUFtSUhOVXpHM0luK3BKU0luQURyR1hidk9wWFVhQUlOVmUrdDNkcE1CQnk1WCtOaEcKNHA4bTZyNUxKYW0wYmxhcXRXbjdZMmpkZWREVE9EQUVrR0pXUXJ4aFhCTjRydVQwRVpTNXNhV2VJLzRQRUgvMAo5ais0dGV4TWI0aTJ1ZFFLTFd0bE9IaFN6cjZsVkNQaWVIb1VsRTFVd3NlZTA2N09tWUdTQzg1UWVkbklqMS96CkZCUUNaRGZOeXVtd2RGOU5sOW9zcDNhb0NvcVJ0cnZiZTdhZzNtdFpPbzd6Ymxnd0RJRTdoUjcxWkt1Q2JKK1MKWHdkZ1B6aXphT2pUaDNkUktQZFlIamdvYktXbVY1TzlXekdWekVXUjdRVDc4ZldxOXkwbnVpRnQ2WW9OMUxvWApRd0lZQ0ZSOTVXOFVQdWY2N1dXZTcxVktyRWtYVExnMURNMkREUW4rYlR2VHJKTDRkeE5jQ1hvWHZPUm56a3ltCk91MTNqemlIWVljdHNuakt0b2tTOWNUeElvLzFKTVB4aWdES0FnRi9jeDk5SVVBdko0cnNjdjd3TWtFQ0F3RUEKQVFLQ0FnRUFpazNPSHZGVEVSY0VjaGRJQmhzRnFLQ2FCbUJybG13elA3Y1EvSjNsb1JKZEJrdERJVmFIWnUxVApoRjJtcjROT1BWM3V4dEhqTGNHUDY5SGVFZEgzZlIwTHVhRld3Q3dqMGhWTXdLUktkSDM1dk96Q2kyYm1sZE5wClFWVTdsN0NDMEhTTlNxVEMrM0ZaUXo5VVBUbG5FazF1TlhxWkVzL0xRc0pnY25EMXBmNWJaUnNiM0c5dXFtQ2gKald2d0J3UFhrSkIxK3dLV3RCRCtIVmtBSkZuNmo4eFg2S0xtV1lTTS9WZ2NzV3d2SndkZUk4OWpiZ3UxQnVPcApwUEswRGxtOGtpa3NYd1dBRnk3a0QzRWJzc3puaWpZd3FQM1Y5V3RaYXpJQnNiNUJJYy9qZHR4VDUvWDVVaEgrCm9qT0w4Vy92OHRUNDNIK2VLNnhYTmJhYTJ6VXJLNDJpQ2toUlBTZjQxNmdZYUZvRDk1dkxScjcrbUNVeWtRaC8KOFIyeTc1UFMrbHNVZ2JKZExocUwxZUZRSUV4ZTBvbDdrVFZYN01JbXo4TGNhVjNJUjJXQklpS2FXTFFXcGRuQgpGUzhqdVV3MGZYZU56Kzk3SnlRRmlPVWhxRlVOMEJMd200ZzF5WDhoYVp6NXBhemVtdTRvMHE5YjMwakN0NUNQCnpZOTdXRXdFbTYyaVZNOWZ6ZlZMUW1pT2FSWW9pVlpPZTJGL0ZWSWMxZzNqalZ1aGlEMWZTcm11UXl3Y2Y2aGsKVEdQVnhDWTU5ZDQ0WjJ6dmU3M2FGaFJLUjI5M2dWZG1RMUR2d1FBWmFDbUNTQWFuUER2ZkRQS21seU45VFNWYQpzR3hzR0VRMzFTeWpoSVIzN2xOOWttN2lLNlg4UTZqNWw0Y3c4NXJuSElpbzRydVErWDBDZ2dFQkFOQmIrVWZrClRGTFdxbVgyZ3FjSy9zc3NpYWsxc1IwREo2eXVzb29XSXU4WU40QnNUWlAwOFA0c2FjWVdjbVQrS3JTUS9YWGQKZXdZYzhna1hjamxMYUhQUjZXQ045S1p2czNpbVNKTEk2bjBIM1lGU0ZEWU8zcmpBUTJtQWRSalFlZXJjTGx4SQprVTJ6SUQ1dUo1K3kzYlpjTk1KTm5JN2U5YzdGQXRFd1JEZmNnWWdubHJ5ajlMSlROby90eTI3cHcxdGpoK1NUCmNpWm5vM1NtMHRxNWhPeEFqaDBneHh4dmxFR2F0TGE1VG03cWZsVk9VSStNZFpYUzVnTjZnb2FWZ2pGYTh4cWIKclNodVBUV3RMTE9wMHdzVHJOZGZqbzlqKzlWUjRjUzRsdTB1WEdFZlE1VW9kUDFleXl4YW9iT0x0L2NOS20vcQpRaEg0MFFQcnF0cHNQYXNDZ2dFQkFNR0wrQVN5RVZVcWRvWU0xbDJJSGhYcjN6cWlOa1daeTkxVWVLVFRSd1l0CmlkajhLWGN2VnQwUlBDTUR3cFBiV0l6NE5KajhWQTNDS2xidFV5b1phS0VoWktDYWhTbzVmVk4xVnFnYlBZVFYKQngzNDhXWk45Ym5hSFFTNVoxc1NWQmxXRVFXSXBYTDZFTUZ5UDRESHZZRmNjTmJqOWdDaXgxQ1ZNQzlpSU1ZeAp3T0REWE4yR2NtdDBsb055OE14bmJCUUpCZ1JmTzRPaXNzcWdidm1DQWNVYWRIVVZ5TkVnYXNNZVpXMi9JNHliCjNaTlZIR2tnRm5BY3hkcWNsS3ZpUzdhUWN3VGxKVlA5WkNzOUlGRnJlZEJ6aUp6MXpDZ0dzbkcxb3NCd2pyZ2kKRFZFcFVRczVJc1FWcWJUQlppSFBvSDdwTGxJem0zeThsdDlBRFMva3E4TUNnZ0VBWXBYeUdDc1VWZW5PVEZwYwpMVytOYVZMVWUrUzB2ZFo5VWo2Q3FjV1psK21zY1M1TmNxRmwyYzNuNmxzNm0wQ0xzazRjTDBXeGJRNExFM1F0CmpxQjRkcnl1b1FucDVVcGE3ODQxN29YME5WNmdWdzBnRlFmcUtCNklod1hKNGdqYWR0N2hiTGJGVWE5Y3BVMTMKb0IrQXVrVmNqVWN0dVlnVFpGZGhZdHRrbTgzUTJEeHJIU3l5bmlHellseVFjaFZYWXdsd0JoNGgxN3dYNGgwQgpEWTdVTHZqSWhVMjZDR0ZmRTcrQW5DaUh6UUZVNzBZVDVpZitodnAzN05OdHFRSmF6TUdNMzEwampFckUyWDNyCjljSjM0ZmpZUWp1cmQzdEdjQVBEUUZKYXp6U3RieUxjMWxtREtWTk43Tm1oUXhQcjRwQXZNUzcxUGcydDBCNFYKQkM1TTZ3S0NBUUJXY29ZYzBzd2JGaFJLVzRHRDFVQmEyamVpb01GTTVSekJodkU3N1lKVHFCTmg3MzgxMU5jZgpkb3M5dUhnNFFraVM3bW5QeXlSZjRORzRjZGdyZlozV0dtd3ZyOVM2djJMUzNCNFFoOW82Y2t2emZ6V1RWRTdrCjdCNzU5VFhNMzZyZ2hpaWtLQng5OW1OMWcrb0pReTNKa2RoMG91MUY2MjdLOTFmR1VqWUJVRWV1SEpSbC9aOHQKajYyS21OUWsrQ3kxNWpIaDBnZHJERWgvYUprb3FJRFI0TGNUZE45MVNOMW11VFRraC9NQTRyMWRDUzdmWlkyZwpGYm5wb3Zaa3IzYlIzRU1EZExYdmhjWXY2ZVY5ZUZ1NFYySTFlVFB1ek03M0t3Rytvb2VjaHRrYjN6QnJxdUYwClk1aWhPNkM2aVZwT1ZTaHpYc21jTlQvT0IzWGNabTZ4QW9JQkFEUVluSnBxaWN3b21mNml5Qnp6OVhiMVZTbmsKTmx4SWZ3QnJ4Ykx5M0Qra2FPWU5GVy8rVFE4QmlKZk1CaEFFRGRlS3hVS255MHJYaVVkaGtVYnVtQjE2RnlUdwo5cE8vQkRPVVk1bHc5VisvcDhjb1JvT1YvdFV4Skt5QnZyLzJhT1Z0T1B4Y2NqV3Urejc0dFZhUmhMMjVkaGlnCktQSzltTTdDK3Zwbk9SdnB4OG5ISEp1dHBUcU55ZjViVzFGNnR1OENwbWtkV2pRQjlkZzJPd0hwbnBpU21qTUoKbmF6aWRVUUVPbDZWQWtVRU1EbnZmTkp4dDFZdktDQjFqZEQ3S0syZjdJYnhpb3dPa0RKUm81aHQxK3Vma1h0eQpESGFwZHdUWnBselYweDNFdTg4TExSTUJQcUU1b3B5eTVMMVV2MUM1cHZxTFB1YzIxeUFrM3d0NmJQMD0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K
kind: Secret
metadata:
  creationTimestamp: "2022-12-23T03:02:49Z"
  name: domain-cert
  namespace: default
  resourceVersion: "1438"
  uid: f842ef20-1302-4255-bd4d-1cf2f5b92a78
type: kubernetes.io/tls

{
    "apiVersion": "v1",
    "data": {
        "tls.crt": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZiVENDQTFXZ0F3SUJBZ0lVQytTaXBYUHR6R0tFb0d1MGNucCtWcmFiRUpZd0RRWUpLb1pJaHZjTkFRRUwKQlFBd1JqRUxNQWtHQTFVRUJoTUNVbFV4RHpBTkJnTlZCQWdNQmsxdmMyTnZkekVQTUEwR0ExVUVCd3dHVFc5egpZMjkzTVJVd0V3WURWUVFEREF4elpYSjJaWEl1Ykc5allXd3dIaGNOTWpJeE1qSXpNREkxTURNMFdoY05Nekl4Ck1qSXdNREkxTURNMFdqQkdNUXN3Q1FZRFZRUUdFd0pTVlRFUE1BMEdBMVVFQ0F3R1RXOXpZMjkzTVE4d0RRWUQKVlFRSERBWk5iM05qYjNjeEZUQVRCZ05WQkFNTURITmxjblpsY2k1c2IyTmhiRENDQWlJd0RRWUpLb1pJaHZjTgpBUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBSjJIUXJ4NUFoanU5azBqWkwrWUhydXp3TlhSekwvZFRkUW1pR2FjClFXWGozU3pJTTFpUEZwRnlOMTBxaERDS1RpeTIvRXdWWWZTYXhGUmh1c3ZqSHpUczBzdU51c1RhT09FR2g5ZGsKaXQ3Y010dWMwU29aa3QyTTE4VUQ1L0Zzem0xbTVQNlhBTERHZlNoTWM3ZFRiV3o1dE91S3Uwbi9ia3JuaFl1SgpSM1FIa2RxelZQMTk4bmxGbitGeko3SDJFbkt3d2kwM0FPN0xNK0lVZHI2K3FNZytKUDZnK1pCZG82S1NsMGw3ClVkL1RkZExHMUZRNlF4UUFoTHJkdVVXaUFKaUJ6Vk14dHlKL3FTVWlKd0E2eGwyN3pxVjFHZ0NEVlh2cmQzYVQKQVFjdVYvallSdUtmSnVxK1N5V3B0RzVXcXJWcCsyTm8zWG5RMHpnd0JKQmlWa0s4WVZ3VGVLN2s5QkdVdWJHbApuaVArRHhCLzlQWS91TFhzVEcrSXRyblVDaTFyWlRoNFVzNitwVlFqNG5oNkZKUk5WTUxIbnRPdXpwbUJrZ3ZPClVIblp5STlmOHhRVUFtUTN6Y3Jwc0hSZlRaZmFMS2QycUFxS2tiYTcyM3Uyb041cldUcU84MjVZTUF5Qk80VWUKOVdTcmdteWZrbDhIWUQ4NHMyam8wNGQzVVNqM1dCNDRLR3lscGxlVHZWc3hsY3hGa2UwRSsvSDFxdmN0SjdvaApiZW1LRGRTNkYwTUNHQWhVZmVWdkZEN24rdTFsbnU5VlNxeEpGMHk0TlF6Tmd3MEovbTA3MDZ5UytIY1RYQWw2CkY3emtaODVNcGpydGQ0ODRoMkdITGJKNHlyYUpFdlhFOFNLUDlTVEQ4WW9BeWdJQmYzTWZmU0ZBTHllSzdITCsKOERKQkFnTUJBQUdqVXpCUk1CMEdBMVVkRGdRV0JCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFmQmdOVgpIU01FR0RBV2dCUXFTNU5NanZISEVFbW9qWklCMzBsQ3hleTZLakFQQmdOVkhSTUJBZjhFQlRBREFRSC9NQTBHCkNTcUdTSWIzRFFFQkN3VUFBNElDQVFCWFVIUHZxVVlWVHNYVmFLWkhzd1djUjZ2WVlhZFc5TWU1RndXMjkydUkKTkdGRys4UHhPN2NEalFwTnAzd09ZcTMxc1RQUUhvVGV3dDM2WG9XQ1VYdHUrSEpDY081YndDc1EvMHVhZGVSdwpST0VuQXE3a2JQNDFWZEp3bDZDUjk2TitMZVNyTnYzSzBSOUlLR2xSNXNVbFRBUytVZkpLeXN6Vi9ydFE4V1pvCjRydWxrWWZTRVR6OFd0R1BxVmpCRTNhTzU0bFd0Q3lCcUNyK3ZUeWdDQkdjM3V6ZTRZVk9weTJNV1NmU29QQmcKVWRJM09FakpETVU0RFY3bW5QSjkwaXRnNlJvS0JjcEliSjc5UVNLUlRWVHoxTkFBNTVMQjVkY3pYOHlOQ2R3ZgpMcVpDSHBZV1VnN2drQWdlaUsyR3VERmxXcHFvMmVoeGQ1eXZja3pIWlpqb05ZdnFiUDZFKzg4d3Z0aEVnR05CCmNzeERPM29GUGV5RlVTaStKMmZDVGRTUVBHS0dCMUlRR1BFN1lvaHdlQUlZazh1bStBR0VRMVBlSnhnWVVpdnMKQkpOMEZIWW1PN0RaeEIzYmxvejBPZnVGenlzckdPbnJvdHZWUDVwNXVNTFpMOVdjL0RPSWlIcjdDYURuVnA4aworY1ZYRUJOaU4zTmI5VTczSTJHNStWeGJIcE51VERxcGxkL1ZIcjhjbTJLdlVGSGVlUElTQ3JQZHBJalBVNldVCllIQVFaenBZbUozLzczQTQ3a3E5NTBjQU1uYVVJY0lzemxjN002TXpzbzJYaU8rRE5VMkp3b1orS3p0alJXS2cKWWxuY1lDK0N0aVpadllWbGFqc01mblg3bEJ6STNYRnJScjFlejk5ZjFXNWdlRHJPUGh3ZnhXS1pmaUdJUW52LwpHZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",
        "tls.key": "LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlKS0FJQkFBS0NBZ0VBbllkQ3ZIa0NHTzcyVFNOa3Y1Z2V1N1BBMWRITXY5MU4xQ2FJWnB4QlplUGRMTWd6CldJOFdrWEkzWFNxRU1JcE9MTGI4VEJWaDlKckVWR0c2eStNZk5PelN5NDI2eE5vNDRRYUgxMlNLM3R3eTI1elIKS2htUzNZelh4UVBuOFd6T2JXYmsvcGNBc01aOUtFeHp0MU50YlBtMDY0cTdTZjl1U3VlRmk0bEhkQWVSMnJOVQovWDN5ZVVXZjRYTW5zZllTY3JEQ0xUY0E3c3N6NGhSMnZyNm95RDRrL3FENWtGMmpvcEtYU1h0UjM5TjEwc2JVClZEcERGQUNFdXQyNVJhSUFtSUhOVXpHM0luK3BKU0luQURyR1hidk9wWFVhQUlOVmUrdDNkcE1CQnk1WCtOaEcKNHA4bTZyNUxKYW0wYmxhcXRXbjdZMmpkZWREVE9EQUVrR0pXUXJ4aFhCTjRydVQwRVpTNXNhV2VJLzRQRUgvMAo5ais0dGV4TWI0aTJ1ZFFLTFd0bE9IaFN6cjZsVkNQaWVIb1VsRTFVd3NlZTA2N09tWUdTQzg1UWVkbklqMS96CkZCUUNaRGZOeXVtd2RGOU5sOW9zcDNhb0NvcVJ0cnZiZTdhZzNtdFpPbzd6Ymxnd0RJRTdoUjcxWkt1Q2JKK1MKWHdkZ1B6aXphT2pUaDNkUktQZFlIamdvYktXbVY1TzlXekdWekVXUjdRVDc4ZldxOXkwbnVpRnQ2WW9OMUxvWApRd0lZQ0ZSOTVXOFVQdWY2N1dXZTcxVktyRWtYVExnMURNMkREUW4rYlR2VHJKTDRkeE5jQ1hvWHZPUm56a3ltCk91MTNqemlIWVljdHNuakt0b2tTOWNUeElvLzFKTVB4aWdES0FnRi9jeDk5SVVBdko0cnNjdjd3TWtFQ0F3RUEKQVFLQ0FnRUFpazNPSHZGVEVSY0VjaGRJQmhzRnFLQ2FCbUJybG13elA3Y1EvSjNsb1JKZEJrdERJVmFIWnUxVApoRjJtcjROT1BWM3V4dEhqTGNHUDY5SGVFZEgzZlIwTHVhRld3Q3dqMGhWTXdLUktkSDM1dk96Q2kyYm1sZE5wClFWVTdsN0NDMEhTTlNxVEMrM0ZaUXo5VVBUbG5FazF1TlhxWkVzL0xRc0pnY25EMXBmNWJaUnNiM0c5dXFtQ2gKald2d0J3UFhrSkIxK3dLV3RCRCtIVmtBSkZuNmo4eFg2S0xtV1lTTS9WZ2NzV3d2SndkZUk4OWpiZ3UxQnVPcApwUEswRGxtOGtpa3NYd1dBRnk3a0QzRWJzc3puaWpZd3FQM1Y5V3RaYXpJQnNiNUJJYy9qZHR4VDUvWDVVaEgrCm9qT0w4Vy92OHRUNDNIK2VLNnhYTmJhYTJ6VXJLNDJpQ2toUlBTZjQxNmdZYUZvRDk1dkxScjcrbUNVeWtRaC8KOFIyeTc1UFMrbHNVZ2JKZExocUwxZUZRSUV4ZTBvbDdrVFZYN01JbXo4TGNhVjNJUjJXQklpS2FXTFFXcGRuQgpGUzhqdVV3MGZYZU56Kzk3SnlRRmlPVWhxRlVOMEJMd200ZzF5WDhoYVp6NXBhemVtdTRvMHE5YjMwakN0NUNQCnpZOTdXRXdFbTYyaVZNOWZ6ZlZMUW1pT2FSWW9pVlpPZTJGL0ZWSWMxZzNqalZ1aGlEMWZTcm11UXl3Y2Y2aGsKVEdQVnhDWTU5ZDQ0WjJ6dmU3M2FGaFJLUjI5M2dWZG1RMUR2d1FBWmFDbUNTQWFuUER2ZkRQS21seU45VFNWYQpzR3hzR0VRMzFTeWpoSVIzN2xOOWttN2lLNlg4UTZqNWw0Y3c4NXJuSElpbzRydVErWDBDZ2dFQkFOQmIrVWZrClRGTFdxbVgyZ3FjSy9zc3NpYWsxc1IwREo2eXVzb29XSXU4WU40QnNUWlAwOFA0c2FjWVdjbVQrS3JTUS9YWGQKZXdZYzhna1hjamxMYUhQUjZXQ045S1p2czNpbVNKTEk2bjBIM1lGU0ZEWU8zcmpBUTJtQWRSalFlZXJjTGx4SQprVTJ6SUQ1dUo1K3kzYlpjTk1KTm5JN2U5YzdGQXRFd1JEZmNnWWdubHJ5ajlMSlROby90eTI3cHcxdGpoK1NUCmNpWm5vM1NtMHRxNWhPeEFqaDBneHh4dmxFR2F0TGE1VG03cWZsVk9VSStNZFpYUzVnTjZnb2FWZ2pGYTh4cWIKclNodVBUV3RMTE9wMHdzVHJOZGZqbzlqKzlWUjRjUzRsdTB1WEdFZlE1VW9kUDFleXl4YW9iT0x0L2NOS20vcQpRaEg0MFFQcnF0cHNQYXNDZ2dFQkFNR0wrQVN5RVZVcWRvWU0xbDJJSGhYcjN6cWlOa1daeTkxVWVLVFRSd1l0CmlkajhLWGN2VnQwUlBDTUR3cFBiV0l6NE5KajhWQTNDS2xidFV5b1phS0VoWktDYWhTbzVmVk4xVnFnYlBZVFYKQngzNDhXWk45Ym5hSFFTNVoxc1NWQmxXRVFXSXBYTDZFTUZ5UDRESHZZRmNjTmJqOWdDaXgxQ1ZNQzlpSU1ZeAp3T0REWE4yR2NtdDBsb055OE14bmJCUUpCZ1JmTzRPaXNzcWdidm1DQWNVYWRIVVZ5TkVnYXNNZVpXMi9JNHliCjNaTlZIR2tnRm5BY3hkcWNsS3ZpUzdhUWN3VGxKVlA5WkNzOUlGRnJlZEJ6aUp6MXpDZ0dzbkcxb3NCd2pyZ2kKRFZFcFVRczVJc1FWcWJUQlppSFBvSDdwTGxJem0zeThsdDlBRFMva3E4TUNnZ0VBWXBYeUdDc1VWZW5PVEZwYwpMVytOYVZMVWUrUzB2ZFo5VWo2Q3FjV1psK21zY1M1TmNxRmwyYzNuNmxzNm0wQ0xzazRjTDBXeGJRNExFM1F0CmpxQjRkcnl1b1FucDVVcGE3ODQxN29YME5WNmdWdzBnRlFmcUtCNklod1hKNGdqYWR0N2hiTGJGVWE5Y3BVMTMKb0IrQXVrVmNqVWN0dVlnVFpGZGhZdHRrbTgzUTJEeHJIU3l5bmlHellseVFjaFZYWXdsd0JoNGgxN3dYNGgwQgpEWTdVTHZqSWhVMjZDR0ZmRTcrQW5DaUh6UUZVNzBZVDVpZitodnAzN05OdHFRSmF6TUdNMzEwampFckUyWDNyCjljSjM0ZmpZUWp1cmQzdEdjQVBEUUZKYXp6U3RieUxjMWxtREtWTk43Tm1oUXhQcjRwQXZNUzcxUGcydDBCNFYKQkM1TTZ3S0NBUUJXY29ZYzBzd2JGaFJLVzRHRDFVQmEyamVpb01GTTVSekJodkU3N1lKVHFCTmg3MzgxMU5jZgpkb3M5dUhnNFFraVM3bW5QeXlSZjRORzRjZGdyZlozV0dtd3ZyOVM2djJMUzNCNFFoOW82Y2t2emZ6V1RWRTdrCjdCNzU5VFhNMzZyZ2hpaWtLQng5OW1OMWcrb0pReTNKa2RoMG91MUY2MjdLOTFmR1VqWUJVRWV1SEpSbC9aOHQKajYyS21OUWsrQ3kxNWpIaDBnZHJERWgvYUprb3FJRFI0TGNUZE45MVNOMW11VFRraC9NQTRyMWRDUzdmWlkyZwpGYm5wb3Zaa3IzYlIzRU1EZExYdmhjWXY2ZVY5ZUZ1NFYySTFlVFB1ek03M0t3Rytvb2VjaHRrYjN6QnJxdUYwClk1aWhPNkM2aVZwT1ZTaHpYc21jTlQvT0IzWGNabTZ4QW9JQkFEUVluSnBxaWN3b21mNml5Qnp6OVhiMVZTbmsKTmx4SWZ3QnJ4Ykx5M0Qra2FPWU5GVy8rVFE4QmlKZk1CaEFFRGRlS3hVS255MHJYaVVkaGtVYnVtQjE2RnlUdwo5cE8vQkRPVVk1bHc5VisvcDhjb1JvT1YvdFV4Skt5QnZyLzJhT1Z0T1B4Y2NqV3Urejc0dFZhUmhMMjVkaGlnCktQSzltTTdDK3Zwbk9SdnB4OG5ISEp1dHBUcU55ZjViVzFGNnR1OENwbWtkV2pRQjlkZzJPd0hwbnBpU21qTUoKbmF6aWRVUUVPbDZWQWtVRU1EbnZmTkp4dDFZdktDQjFqZEQ3S0syZjdJYnhpb3dPa0RKUm81aHQxK3Vma1h0eQpESGFwZHdUWnBselYweDNFdTg4TExSTUJQcUU1b3B5eTVMMVV2MUM1cHZxTFB1YzIxeUFrM3d0NmJQMD0KLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K"
    },
    "kind": "Secret",
    "metadata": {
        "creationTimestamp": "2022-12-23T03:02:49Z",
        "name": "domain-cert",
        "namespace": "default",
        "resourceVersion": "1438",
        "uid": "f842ef20-1302-4255-bd4d-1cf2f5b92a78"
    },
    "type": "kubernetes.io/tls"
}

Как выгрузить секрет и сохранить его в файл?

kubectl get secrets -o json > secrets/secrets.json
kubectl get secret domain-cert -o yaml > secrets/domain-cert.yml

Файлы сохранены в директорию secrets.

Как удалить секрет?

kubectl delete secret domain-cert

secret "domain-cert" deleted

Как загрузить секрет из файла?

kubectl apply -f secrets/domain-cert.yml

secret/domain-cert created

Задача 2

Работа с секретами внутри модуля.

Выберите любимый образ контейнера, подключите секреты и проверьте их доступность как в виде переменных окружения, так и в виде примонтированного тома.

Для подключения будет использоваться секрет с сертификатами, созданный в предыдущем задании. Дополнительно будет создан новый секрет со значениями "имя пользователя" и "пароль".

Для начала нужно применить конфигурацию нового секрета в кластере:

kubectl apply -f config/test_secret.yml

Проверка, что секрет был успешно создан:

kubectl get secret

NAME          TYPE                DATA   AGE
domain-cert   kubernetes.io/tls   2      12m
test-secret   Opaque              2      40s

Затем необходимо применить конфигурацию пода с подключёнными секретами config/test_pod.yml:

kubectl apply -f config/test_pod.yml

kubectl get po

NAME       READY   STATUS    RESTARTS   AGE
test-pod   1/1     Running   0          14s

После успешного старта пода нужно подключится к контейнеру и проверить, что переменные окружения были успешно созданы и существуют файлы сертификатов по указанному в конфигурации пути.

kubectl exec -it pods/test-pod -- sh
printenv | grep SOME_
ls -la /etc/nginx/ssl

# printenv
SOME_PASSWORD=pwd
SOME_USER=user

# ls
total 4
drwxrwxrwt    3 root     root           120 Dec 23 03:19 .
drwxr-xr-x    1 root     root          4096 Dec 23 03:19 ..
drwxr-xr-x    2 root     root            80 Dec 23 03:19 ..2022_12_23_03_19_34.2837050582
lrwxrwxrwx    1 root     root            32 Dec 23 03:19 ..data -> ..2022_12_23_03_19_34.2837050582
lrwxrwxrwx    1 root     root            14 Dec 23 03:19 tls.crt -> ..data/tls.crt
lrwxrwxrwx    1 root     root            14 Dec 23 03:19 tls.key -> ..data/tls.key