Kubernetes Secrets Management: Beyond the Basics
A Kubernetes Secret is not actually secret. That’s a hard sentence to sit with, especially if you’ve been dutifully creating Secret objects and patting yourself on the back for not hardcoding credentials in your ConfigMap. The problem runs deeper than most teams realize, and it doesn’t get fixed by following the basic Kubernetes documentation. This post is about what actually works, at different scales, with honest tradeoffs for each approach. ...