Setting Kubernetes Secrets

Set and manage Kubernetes Secrets in the DuploCloud Portal, including troubleshooting format issues.

Kubernetes Secrets allow you to securely store and manage sensitive information—such as passwords, tokens, and keys—separately from your application code. This page covers how to define and manage those secrets in DuploCloud.

To securely manage Kubernetes secrets, follow these best practices:

  • Utilize Centralized Secret Management Tools to streamline storage, versioning, and access control.

  • Implement Access Controls to ensure only authorized users and workloads can access or modify secrets.

  • Regularly Rotate Secrets to limit exposure if a secret is compromised.

  • Audit Access Logs to monitor for unauthorized access or anomalies.

By using these strategies alongside DuploCloud's interface for Kubernetes secrets, you can enforce secure and maintainable secret management across your environments.

Creating a Kubernetes Secret

  1. In the DuploCloud Portal, navigate to Kubernetes -> Secrets.

  2. Click Add. The Add Kubernetes Secret pane displays.

    Add Kubernetes Secret pane
  3. Complete the fields:

Secret Name

A unique name for the secret (e.g., my-secret-files).

Secret Type

Enter the Kubernetes secret type (e.g., Opaque, kubernetes.io/dockerconfigjson, etc). Choose Opaque for generic key/value pairs.

Secret Details

Enter the key/value pairs that make up the secret. Use the format key: value per line, where the key is the filename and the value is its contents.

  1. Click Add to create the secret.

To use this Secret in your application, mount it as a volume in a container.

Creating a multi-line Kubernetes Secret

  1. Follow the steps in creating a Kubernetes Secret, defining a Key value using the PRIVATE_KEY_FILENAME in the Secret Details field, as shown below.

  2. Click Add to create the multi-line secret.

To use this Secret in your application, mount it as a volume in a container.

The Kubernetes Secrets page in the DuploCloud Portal

Troubleshooting Secret Format Issues

When entering a Kubernetes secret with a private key in Duplo, ensure the data is formatted as key/value pairs with all keys and values as strings. If you encounter format errors, it's likely due to non-string values or incorrect multiline string formatting. Use the | character to indicate multiline strings and manually split a single-line private key into multiple lines for compatibility. Matching the format of an existing, working secret can also aid in resolving these issues.

Last updated

Was this helpful?