kubernetes-client/python
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
master
python/examples/notebooks/create_secret.ipynb
Kian-Meng Ang 2d299b7a57 Fix typos 
Found via `codespell -S CHANGELOG.md,*.json,*.unprocessed -L querys,couldn`
2023-01-27 11:10:29 +08:00

348 lines
7.2 KiB
Plaintext
Raw Permalink Blame History

{
"cells": [
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"How to create and use a Secret\n",
"================\n",
"\n",
"A [Secret](https://kubernetes.io/docs/concepts/configuration/secret/) is an object that contains a small amount of sensitive data such as a password, a token, or a key. In this notebook, we would learn how to create a Secret and how to use Secrets as files from a Pod as seen in https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"from kubernetes import client, config"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Load config from default location"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"config.load_kube_config()\n",
"client.configuration.assert_hostname = False"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create API endpoint instance and API resource instances"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance = client.CoreV1Api()\n",
"sec = client.V1Secret()"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Fill required Secret fields"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"sec.metadata = client.V1ObjectMeta(name=\"mysecret\")\n",
"sec.type = \"Opaque\"\n",
"sec.data = {\"username\": \"bXl1c2VybmFtZQ==\", \"password\": \"bXlwYXNzd29yZA==\"}"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create Secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.create_namespaced_secret(namespace=\"default\", body=sec)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create test Pod API resource instances"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"pod = client.V1Pod()\n",
"spec = client.V1PodSpec()\n",
"pod.metadata = client.V1ObjectMeta(name=\"mypod\")\n",
"container = client.V1Container()\n",
"container.name = \"mypod\"\n",
"container.image = \"redis\""
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Add volumeMount which would be used to hold secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"volume_mounts = [client.V1VolumeMount()]\n",
"volume_mounts[0].mount_path = \"/data/redis\"\n",
"volume_mounts[0].name = \"foo\"\n",
"container.volume_mounts = volume_mounts"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create volume required by secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"spec.volumes = [client.V1Volume(name=\"foo\")]\n",
"spec.volumes[0].secret = client.V1SecretVolumeSource(secret_name=\"mysecret\")"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"spec.containers = [container]\n",
"pod.spec = spec"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create the Pod"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.create_namespaced_pod(namespace=\"default\",body=pod)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### View secret being used within the pod\n",
"\n",
"Wait for at least 10 seconds to ensure pod is running before executing this section."
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"user = api_instance.connect_get_namespaced_pod_exec(name=\"mypod\", namespace=\"default\", command=[ \"/bin/sh\", \"-c\", \"cat /data/redis/username\" ], stderr=True, stdin=False, stdout=True, tty=False)\n",
"print(user)\n",
"passwd = api_instance.connect_get_namespaced_pod_exec(name=\"mypod\", namespace=\"default\", command=[ \"/bin/sh\", \"-c\", \"cat /data/redis/password\" ], stderr=True, stdin=False, stdout=True, tty=False)\n",
"print(passwd)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Delete Pod"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.delete_namespaced_pod(name=\"mypod\", namespace=\"default\", body=client.V1DeleteOptions())"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Delete Secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.delete_namespaced_secret(name=\"mysecret\", namespace=\"default\", body=sec)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 2",
"language": "python",
"name": "python2"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 2
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython2",
"version": "2.7.6"
}
},
"nbformat": 4,
"nbformat_minor": 2
}
Reference in New Issue View Git Blame Copy Permalink