The Nautilus DevOps team is working to deploy some tools in Kubernetes cluster. Some of the tools are licence based so that licence information needs to be stored securely within Kubernetes cluster. Therefore, the team wants to utilize Kubernetes secrets to store those secrets. Below you can find more details about the requirements:
We already have a secret key file media.txt under /opt location on jump host. Create a generic secret named media, it should contain the password/license-number present in media.txt file.
Also create a pod named secret-nautilus.
Configure pod’s spec as container name should be secret-container-nautilus, image should be fedora preferably with latest tag (remember to mention the tag with image). Use sleep command for container so that it remains in running state. Consume the created secret and mount it under /opt/apps within the container.
To verify you can exec into the container secret-container-nautilus, to check the secret key under the mounted path /opt/apps. Before hitting the Check button please make sure pod/pods are in running state, also validation can take some time to complete so keep patience.
Note: The kubectl utility on jump_host has been configured to work with the kubernetes cluster.
my code for secret creation
kubectl create secret generic media --from-file=/opt/media.txt
my yaml file for pod creation
apiVersion: v1
kind: Pod
metadata:
name: secret-pod-nautilus
labels:
name: myapp
spec:
volumes:
- name: secret-volume-nautilus
secret:
secretName: media
containers:
- name: secret-container-nautilus
image: fedora:latest
command: ["/bin/bash", "-c", "sleep 10000"]
volumeMounts:
- name: secret-volume-nautilus
mountPath: /opt/apps
readOnly: true
Verification as per the task
thor@jump_host ~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
secret-pod-nautilus 1/1 Running 0 23s
thor@jump_host ~$ kubectl exec secret-pod-nautilus -- cat /opt/apps/media.txt
5ecur3
Everything went ok at my side but when I submitted the task, it takes long time and finally skipping to feedback page. It neither says I did something wrong nor my task is shown failed/success in tasks list. Is there anything I am missing?
//Krishna