How to inject secret value to Kubernetes crd?

474 views Asked by At

I want to inject secret values to Kubernetes crd. For example, suppose I have Jaeger crd yaml file, and as the Elasticsearch server-url, password are secret values, I want them to be injected using Vault. When using Deployment, I can inject the secrets using Vault secret, by first creating secrets and loading them from envs in container. However, as crd cannot be done that way, I don't know how to inject the values from outside securely in code. Any ideas?

apiVersion: jaegertracing.io/v1
kind: Jaeger
metadata:
  name: jaeger
spec:
  strategy: production
  collector:
    maxReplicas: {{ .Values.collector.maxReplicas }}
    resources:
{{ toYaml .Values.resources | indent 14 }}
  storage:
    type: elasticsearch
    options:
      es:
        server-urls: {{ .Values.storage.es.server_urls }}
        index-prefix: {{ .Values.storage.es.index_prefix }}
        username: {{ .Values.storage.es.username }}
        password: {{ .Values.storage.es.password }}
0

There are 0 answers