Secrets storage best practices

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/kubernetes
#Kubernetes #kubernetes-secrets #Vault #devops-workflow #encrypt-secrets

Our great sponsors
  • InfluxDB - Access the most powerful time series database as a service
  • ONLYOFFICE ONLYOFFICE Docs — document collaboration in your environment
  • SonarQube - Static code analysis for 29 languages.
Our great sponsors

  • sealed-secrets

    A Kubernetes controller and tool for one-way encrypted Secrets

    You could use something like sealed secrets.

  • bank-vaults

    A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.

    We use bank vault to inject secrets as environment variables. This does not require changes to the app. A sidecar is automatically added to the pod to retrieve the secrets and inject them in the app runtime. Here’s the link https://github.com/banzaicloud/bank-vaults

  • InfluxDB

    Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts