Setting Kubernetes Secrets

Kubernetes Secrets allow you to securely store and manage sensitive information—such as passwords, tokens, and keys—separately from your application code. This page covers how to define and manage those secrets in DuploCloud.

To securely manage Kubernetes secrets, follow these best practices:

• Utilize Centralized Secret Management Tools to streamline storage, versioning, and access control.

• Implement Access Controls to ensure only authorized users and workloads can access or modify secrets.

• Regularly Rotate Secrets to limit exposure if a secret is compromised.

• Audit Access Logs to monitor for unauthorized access or anomalies.

By using these strategies alongside DuploCloud's interface for Kubernetes secrets, you can enforce secure and maintainable secret management across your environments.

Creating a Kubernetes Secret

1. In the DuploCloud Portal, navigate to Kubernetes -> Secrets.

2. Click Add. The Add Kubernetes Secret pane displays.

   
3. Complete the fields:

1. Click Add to create the secret.

To use this Secret in your application, mount it as a volume in a container.

Creating a multi-line Kubernetes Secret

1. Follow the steps in creating a Kubernetes Secret, defining a Key value using the PRIVATE_KEY_FILENAME in the Secret Details field, as shown below.

   
2. Click Add to create the multi-line secret.

To use this Secret in your application, mount it as a volume in a container.

Troubleshooting Secret Format Issues

When entering a Kubernetes secret with a private key in Duplo, ensure the data is formatted as key/value pairs with all keys and values as strings. If you encounter format errors, it's likely due to non-string values or incorrect multiline string formatting. Use the | character to indicate multiline strings and manually split a single-line private key into multiple lines for compatibility. Matching the format of an existing, working secret can also aid in resolving these issues.