Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add notebook on how to create and use a Secret #301

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Aug 28, 2017
Merged

Add notebook on how to create and use a Secret #301

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
347 changes: 347 additions & 0 deletions examples/notebooks/create_secret.ipynb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,347 @@
{
"cells": [
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"How to create and use a Secret\n",
"================\n",
"\n",
"A [Secret](https://kubernetes.io/docs/concepts/configuration/secret/) is an object that contains a small amount of sensitive data such as a password, a token, or a key. In this notebook, we would learn how to create a Secret and how to use Secrets as files from a Pod as seen in https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"from kubernetes import client, config"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Load config from default location"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"config.load_kube_config()\n",
"client.configuration.assert_hostname = False"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create API endpoint instance and API resource instances"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance = client.CoreV1Api()\n",
"sec = client.V1Secret()"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Fill required Secret fields"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"sec.metadata = client.V1ObjectMeta(name=\"mysecret\")\n",
"sec.type = \"Opaque\"\n",
"sec.data = {\"username\": \"bXl1c2VybmFtZQ==\", \"password\": \"bXlwYXNzd29yZA==\"}"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create Secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.create_namespaced_secret(namespace=\"default\", body=sec)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create test Pod API resource instances"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"pod = client.V1Pod()\n",
"spec = client.V1PodSpec()\n",
"pod.metadata = client.V1ObjectMeta(name=\"mypod\")\n",
"container = client.V1Container()\n",
"container.name = \"mypod\"\n",
"container.image = \"redis\""
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Add volumeMount which would be used to hold secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"volume_mounts = [client.V1VolumeMount()]\n",
"volume_mounts[0].mount_path = \"/data/redis\"\n",
"volume_mounts[0].name = \"foo\"\n",
"container.volume_mounts = volume_mounts"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create volume required by secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"spec.volumes = [client.V1Volume(name=\"foo\")]\n",
"spec.volumes[0].secret = client.V1SecretVolumeSource(secret_name=\"mysecret\")"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"spec.containers = [container]\n",
"pod.spec = spec"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Create the Pod"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.create_namespaced_pod(namespace=\"default\",body=pod)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### View secret being used within the pod\n",
"\n",
"Wait for alteast 10 seconds to ensure pod is running before executing this section."
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"user = api_instance.connect_get_namespaced_pod_exec(name=\"mypod\", namespace=\"default\", command=[ \"/bin/sh\", \"-c\", \"cat /data/redis/username\" ], stderr=True, stdin=False, stdout=True, tty=False)\n",
"print(user)\n",
"passwd = api_instance.connect_get_namespaced_pod_exec(name=\"mypod\", namespace=\"default\", command=[ \"/bin/sh\", \"-c\", \"cat /data/redis/password\" ], stderr=True, stdin=False, stdout=True, tty=False)\n",
"print(passwd)"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Delete Pod"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.delete_namespaced_pod(name=\"mypod\", namespace=\"default\", body=client.V1DeleteOptions())"
]
},
{
"cell_type": "markdown",
"metadata": {
"deletable": true,
"editable": true
},
"source": [
"### Delete Secret"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": false,
"deletable": true,
"editable": true
},
"outputs": [],
"source": [
"api_instance.delete_namespaced_secret(name=\"mysecret\", namespace=\"default\", body=sec)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {
"collapsed": true,
"deletable": true,
"editable": true
},
"outputs": [],
"source": []
}
],
"metadata": {
"kernelspec": {
"display_name": "Python 2",
"language": "python",
"name": "python2"
},
"language_info": {
"codemirror_mode": {
"name": "ipython",
"version": 2
},
"file_extension": ".py",
"mimetype": "text/x-python",
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython2",
"version": "2.7.6"
}
},
"nbformat": 4,
"nbformat_minor": 2
}