Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Kubernetes - Storing jks file in secrets or configMap

Tags:

kubernetes

I have a keystore.jks file which I need to pass as a env variable for my docker process.

I used the below command to store the file as a secret.

kubectl create secret generic ssl-keystore-cert --from-file=./keystore.jks

Using the above secret in my deployment.yaml as below.

{
            "name": "SERVER_SSL_KEYSTORE",
            "valueFrom": {
              "secretKeyRef": {
                "name": "ssl-keystore-cert",
                "key": "keystore.jks"
              }
            }
          }

Error: failed to start container "app-service": Error response from daemon: oci runtime error: container_linux.go:265: starting container process caused "process_linux.go:368: container init caused \"setenv: invalid argument\"" Back-off restarting failed container

Is there anyway to store the keystore.jks in secret or configmap?

Debug :-

kubectl describe secret ssl-keystore-cert

Name:         ssl-keystore-cert
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
keystore.jks:  4818 bytes
like image 629
user1578872 Avatar asked Nov 18 '22 15:11

user1578872


1 Answers

In your create secret, you refer to keystore.jks

But in your yaml, you refer to server-ssl.jks

These should be the same key, but they are differet.

To verify the correct key, run:

kubectl describe secrets/ssl-keystore-cert

like image 145
Doug Avatar answered Jan 25 '23 11:01

Doug