How to share credentials among different kubernetes namespaces

kubernetes helm logo

Scenario

Lets imagine you have couple projects where:

  • Each is in different namespace
  • All projects (namespaces) are sharing common secrets

What would you do then ?
Unfortunately all settings or secrets are assigned just to specific namespace.

Solution

  • We must create secrets in one space and copy to another.
  • Lets assume we get TLS secrets from one namespace.
kubectl get secrets

kubectl get secret dev-cert  -o yaml > dev-cert.yml 
# to get base64 encoded file
  • Next what we can do is checking this certificate
cat dev-cert.yml | grep -Pio "(?<= tls.crt: )(.+)" | base64 --decode | openssl x509 -text > dev-cert.processed
# in case of mac install grep and execute ggrep command
# To see issuer
cat dev-cert.processed | grep -i "Issuer"
# To see for which domain certificate is
cat dev-cert.processed | grep -i "CN =" 
  • Remember to do the apply for ingress after that

Solution 2

kubectl get secret dev-cert --namespace=first-namespace --export -o yaml | kubectl apply --namespace=second-namespace -f -

Browser check

In order to check if everything has been done properly you can check your domain in the browser (chrome/firefox). Just by clicking lock button.