Name: k8nskel
Owner: Wantedly, Inc.
Description: Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.
Created: 2017-08-29 03:00:44.0
Updated: 2017-09-05 07:17:27.0
Pushed: 2018-03-09 16:32:30.0
Size: 21
Language: Go
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
Kubernetes Controller to distribute Secrets to new Namespace on Kubernetes.
t clone git@github.com:wantedly/k8nskel.git
k8nskel
ke deps
ke
Docker image is available at quay.io/wantedly/k8nskel
.
|Name|Description|Default value|
|-|-|-|
|K8NSKEL_ORIGIN|Name of the namespace from which the secret is copied.|“k8nskel-origin”|
|K8NSKEL_IGNORE_DEST|CSV list of namespaces that does not reflect secrets in K8NSKEL_ORIGIN
is added/modified/deleted. It is not reflected in K8NSKEL_ORIGIN
by default.|“kube-public,kube-system”|
k8nskel copies all secrets in K8NSKEL_ORIGIN
namespace to the new namespace.
Also, when secrets in K8NSKEL_ORIGIN
is created/modified/deleted, it reflects its secrets to other namespaces than namespace set toK8NSKEL_IGNORE_DEST
.
Create K8NSKEL_ORIGIN
namespace.
g.
bectl create namespace k8nskel-origin
Create k8nskel
deployment.
g.
bectl run --rm -i k8nskel --image=quay.io/wantedly/k8nskel:latest
Create a secret.
g.
bectl --namespace k8nskel-origin create secret generic secret1 --from-literal=key1=supersecret
Create a new namespace.
g.
bectl create namespace new-namespace
Get secrets of new namespace. The secret created earlier should be displayed.
g.
bectl --namespace k8nskel-origin get secret
Add a secret in K8NSKEL_ORIGIN
. The same secret should have been added to other namespaces.
g.
bectl --namespace k8nskel-origin create secret generic secret2 --from-literal=key2=supersecret
bectl --namespace new-namespace get secret
Modify a secret in K8NSKEL_ORIGIN
. The same secret should have been modified in other namespaces.
g.
bectl --namespace k8nskel-origin edit secret secret2
bectl --namespace new-namespace describe secret secret2
Delete a secret in K8NSKEL_ORIGIN
. The same secret should have been deleted from other namespaces.
g.
bectl --namespace k8nskel-origin delete secret secret2
bectl --namespace new-namespace get secret
ersion: v1
: Namespace
data:
me: k8nskel-origin
ersion: extensions/v1beta1
: Deployment
data:
me: k8nskel
mespace: k8nskel-origin
bels:
name: k8nskel
:
plicas: 1
mplate:
metadata:
name: k8nskel
labels:
name: k8nskel
spec:
containers:
- name: k8nskel
image: quay.io/wantedly/k8nskel:latest