SlideShare une entreprise Scribd logo

Kubernetes secret introduction

Télécharger en tant que PPTX, PDF
Evan Lin
Evan Lin

Introduction how to use Kubernetes secret

Internet
1  sur  12
Kubernetes Secret Evan Lin
Kubernetes Authentication and Authorization
Authorization - Access Control ● ABAC (Attribute-Based Access Control) ○ Specific every access control by attribute.
Authorization - Access Control ● RBAC (Role-Based Access Control) ○ Specific every access control by attribute.
Kubernetes Account Type User Account Service Acccount Identifier for User Process (run in Pod) Scope Global By namespace, process Config Simple Much Complex
How to create Service Account ● Service Account: ○ Combination of “SECRET”s. ● Create by command ○ kubectl create serviceaccount jenkins ● Create by yaml ○ apiVersion: v1 kind: ServiceAccount metadata: name: build-robot ○ kubectl create -f /tmp/serviceaccount.yaml serviceaccounts/build-robot
SECRET ● Object Storage: ○ OAuth token, SSH Keys. ● Use for: ○ Pod: ■ One pod can assign multiple secrets ○ Service Account: ■ One service account owns multiple secrets ○ Image Pull ■ A sec.ImagePullSecrets is a secret to login private docker registry. ● How to use it: ○ Use it from “Environment Variables” ○ Use it from “Secret Mount”
Secret: Prepare secret ● Secret File: (my_password_secret.yaml) apiVersion: v1 kind: Secret metadata: name: mysecret type: Opaque data: password: MWYyZDFlMmU2N2Rm //1f2d1e2e67df username: YWRtaW4= //admin ● How to use it: ○ Put it into system: ■ kubectl create -f ./secret.yaml
Secret: Use Case - Environment Variable ● Pod File: (pod_with_secret.yaml) ● How to use it: ○ Put it into system: ■ kubectl create -f ./pod_with_secret.yaml
Secret: Use Case - Security Volume ● Pod File: (secret_volumn.json) ● How to use it: ○ Put it into system: ■ kubectl create -f ./secret_volumn.json
Authenitication: httpd Refer to walkthrough: https://github.com/aledbf/contrib/blob/6d61ea81bb0bdbbc115cd6a6e9c59ef 653afb213/ingress/controllers/nginx/examples/auth/README.md
OAuth Server List ● Go: OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors ● Go: Auth Boss ● Go: OAuth2 ● Go: Docker registry oauth server ● Ruby: OAuth server with UI management system

Recommandé

GraniteDS 360|Flex DC
GraniteDS 360|Flex DCGraniteDS 360|Flex DC
GraniteDS 360|Flex DCwdrai
 
Web3j 2.0 Update
Web3j 2.0 UpdateWeb3j 2.0 Update
Web3j 2.0 UpdateConor Svensson
 
Building Java and Android apps on the blockchain
Building Java and Android apps on the blockchain Building Java and Android apps on the blockchain
Building Java and Android apps on the blockchain Conor Svensson
 
What cloud changes the developer
What cloud changes the developerWhat cloud changes the developer
What cloud changes the developerSimon Su
 
Universal JS Applications with React
Universal JS Applications with ReactUniversal JS Applications with React
Universal JS Applications with ReactThanh Trần Trọng
 
Building mobile apps with Realm for React Native
Building mobile apps with Realm for React NativeBuilding mobile apps with Realm for React Native
Building mobile apps with Realm for React NativeKenneth Geisshirt
 
Web App Prototypes with Google App Engine
Web App Prototypes with Google App EngineWeb App Prototypes with Google App Engine
Web App Prototypes with Google App EngineVlad Filippov
 
Ускоряем загрузку картинок вебсокетами
Ускоряем загрузку картинок вебсокетамиУскоряем загрузку картинок вебсокетами
Ускоряем загрузку картинок вебсокетами2ГИС Технологии
 

Recommandé

GraniteDS 360|Flex DC
GraniteDS 360|Flex DCGraniteDS 360|Flex DC
GraniteDS 360|Flex DCwdrai
 
Web3j 2.0 Update
Web3j 2.0 UpdateWeb3j 2.0 Update
Web3j 2.0 UpdateConor Svensson
 
Building Java and Android apps on the blockchain
Building Java and Android apps on the blockchain Building Java and Android apps on the blockchain
Building Java and Android apps on the blockchain Conor Svensson
 
What cloud changes the developer
What cloud changes the developerWhat cloud changes the developer
What cloud changes the developerSimon Su
 
Universal JS Applications with React
Universal JS Applications with ReactUniversal JS Applications with React
Universal JS Applications with ReactThanh Trần Trọng
 
Building mobile apps with Realm for React Native
Building mobile apps with Realm for React NativeBuilding mobile apps with Realm for React Native
Building mobile apps with Realm for React NativeKenneth Geisshirt
 
Web App Prototypes with Google App Engine
Web App Prototypes with Google App EngineWeb App Prototypes with Google App Engine
Web App Prototypes with Google App EngineVlad Filippov
 
Ускоряем загрузку картинок вебсокетами
Ускоряем загрузку картинок вебсокетамиУскоряем загрузку картинок вебсокетами
Ускоряем загрузку картинок вебсокетами2ГИС Технологии
 
Perl Tools for Productivity
Perl Tools for ProductivityPerl Tools for Productivity
Perl Tools for ProductivityTudor Constantin
 
Design Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto BellottiDesign Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto BellottiManageIQ
 
Azure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutesAzure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutesAlessandro Melchiori
 
Don't Fear the Platform
Don't Fear the PlatformDon't Fear the Platform
Don't Fear the PlatformESUG
 
casperjs presentation
casperjs presentation casperjs presentation
casperjs presentationAnsviaLab
 
Local Lambda Debugging
Local Lambda DebuggingLocal Lambda Debugging
Local Lambda DebuggingMatt Billock
 
AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker kloia
 
JS & NodeJS - An Introduction
JS & NodeJS - An IntroductionJS & NodeJS - An Introduction
JS & NodeJS - An IntroductionNirvanic Labs
 
Clojure web dev history
Clojure web dev historyClojure web dev history
Clojure web dev historyIkuru Kanuma
 
Dynamic management of kubernetes
Dynamic management of kubernetesDynamic management of kubernetes
Dynamic management of kubernetesMartin Podval
 
Kubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 SeattleKubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 SeattleSuraj Deshmukh
 
Kubernetes #3 security
Kubernetes #3 securityKubernetes #3 security
Kubernetes #3 securityTerry Cho
 
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in KubernetesWSO2
 
Role based access control - RBAC - Kubernetes
Role based access control - RBAC - KubernetesRole based access control - RBAC - Kubernetes
Role based access control - RBAC - KubernetesMilan Das
 
Defcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPDefcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPNetskope
 
Exploiting IAM in GCP
Exploiting IAM in GCPExploiting IAM in GCP
Exploiting IAM in GCPColin Estep
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridCloudVillage
 
Kubernetes security with AWS
Kubernetes security with AWSKubernetes security with AWS
Kubernetes security with AWSKasun Madura Rathnayaka
 
Kubernetes with docker
Kubernetes with dockerKubernetes with docker
Kubernetes with dockerDocker, Inc.
 
Lamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api GatewayLamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api GatewayMike Becker
 
Extending kubernetes
Extending kubernetesExtending kubernetes
Extending kubernetesGigi Sayfan
 
Engineering Domain Team Bootstrap
Engineering Domain Team BootstrapEngineering Domain Team Bootstrap
Engineering Domain Team BootstrapGunnarHolwerda
 

Contenu connexe

Tendances

Perl Tools for Productivity
Perl Tools for ProductivityPerl Tools for Productivity
Perl Tools for ProductivityTudor Constantin
 
Design Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto BellottiDesign Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto BellottiManageIQ
 
Azure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutesAzure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutesAlessandro Melchiori
 
Don't Fear the Platform
Don't Fear the PlatformDon't Fear the Platform
Don't Fear the PlatformESUG
 
casperjs presentation
casperjs presentation casperjs presentation
casperjs presentationAnsviaLab
 
Local Lambda Debugging
Local Lambda DebuggingLocal Lambda Debugging
Local Lambda DebuggingMatt Billock
 
AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker kloia
 
JS & NodeJS - An Introduction
JS & NodeJS - An IntroductionJS & NodeJS - An Introduction
JS & NodeJS - An IntroductionNirvanic Labs
 
Clojure web dev history
Clojure web dev historyClojure web dev history
Clojure web dev historyIkuru Kanuma
 
Dynamic management of kubernetes
Dynamic management of kubernetesDynamic management of kubernetes
Dynamic management of kubernetesMartin Podval
 

Tendances (10)

Perl Tools for Productivity
Perl Tools for ProductivityPerl Tools for Productivity
Perl Tools for Productivity
 
Design Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto BellottiDesign Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
Design Summit - Security Roadmap - Keenan Brock, Alberto Bellotti
 
Azure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutesAzure functions: from a function to a whole application in 60 minutes
Azure functions: from a function to a whole application in 60 minutes
 
Don't Fear the Platform
Don't Fear the PlatformDon't Fear the Platform
Don't Fear the Platform
 
casperjs presentation
casperjs presentation casperjs presentation
casperjs presentation
 
Local Lambda Debugging
Local Lambda DebuggingLocal Lambda Debugging
Local Lambda Debugging
 
AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker AWS ElasticBeanstalk and Docker
AWS ElasticBeanstalk and Docker
 
JS & NodeJS - An Introduction
JS & NodeJS - An IntroductionJS & NodeJS - An Introduction
JS & NodeJS - An Introduction
 
Clojure web dev history
Clojure web dev historyClojure web dev history
Clojure web dev history
 
Dynamic management of kubernetes
Dynamic management of kubernetesDynamic management of kubernetes
Dynamic management of kubernetes
 

Similaire à Kubernetes secret introduction

Kubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 SeattleKubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 SeattleSuraj Deshmukh
 
Kubernetes #3 security
Kubernetes #3 securityKubernetes #3 security
Kubernetes #3 securityTerry Cho
 
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in KubernetesWSO2
 
Role based access control - RBAC - Kubernetes
Role based access control - RBAC - KubernetesRole based access control - RBAC - Kubernetes
Role based access control - RBAC - KubernetesMilan Das
 
Defcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPDefcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPNetskope
 
Exploiting IAM in GCP
Exploiting IAM in GCPExploiting IAM in GCP
Exploiting IAM in GCPColin Estep
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridCloudVillage
 
Kubernetes with docker
Kubernetes with dockerKubernetes with docker
Kubernetes with dockerDocker, Inc.
 
Lamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api GatewayLamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api GatewayMike Becker
 
Extending kubernetes
Extending kubernetesExtending kubernetes
Extending kubernetesGigi Sayfan
 
Engineering Domain Team Bootstrap
Engineering Domain Team BootstrapEngineering Domain Team Bootstrap
Engineering Domain Team BootstrapGunnarHolwerda
 
Attacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisAttacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisOWASP Hacker Thursday
 
CactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCPCactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCPColin Estep
 
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDays Riga
 
How to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEHow to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEFederico Fernández Moreno
 
How to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEHow to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEFIWARE
 
在 LINE 私有雲中使用 Managed Kubernetes
在 LINE 私有雲中使用 Managed Kubernetes在 LINE 私有雲中使用 Managed Kubernetes
在 LINE 私有雲中使用 Managed KubernetesLINE Corporation
 

Similaire à Kubernetes secret introduction (20)

Kubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 SeattleKubernetes Security Updates from Kubecon 2018 Seattle
Kubernetes Security Updates from Kubecon 2018 Seattle
 
Kubernetes #3 security
Kubernetes #3 securityKubernetes #3 security
Kubernetes #3 security
 
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
[APIdays Paris 2019] From Microservices to APIs: The API operator in Kubernetes
 
Role based access control - RBAC - Kubernetes
Role based access control - RBAC - KubernetesRole based access control - RBAC - Kubernetes
Role based access control - RBAC - Kubernetes
 
Defcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCPDefcon 27 - Exploiting IAM in GCP
Defcon 27 - Exploiting IAM in GCP
 
Exploiting IAM in GCP
Exploiting IAM in GCPExploiting IAM in GCP
Exploiting IAM in GCP
 
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_faridExploiting IAM in the google cloud platform - dani_goland_mohsan_farid
Exploiting IAM in the google cloud platform - dani_goland_mohsan_farid
 
Kubernetes security with AWS
Kubernetes security with AWSKubernetes security with AWS
Kubernetes security with AWS
 
Kubernetes with docker
Kubernetes with dockerKubernetes with docker
Kubernetes with docker
 
Lamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api GatewayLamdba micro service using Amazon Api Gateway
Lamdba micro service using Amazon Api Gateway
 
Extending kubernetes
Extending kubernetesExtending kubernetes
Extending kubernetes
 
Engineering Domain Team Bootstrap
Engineering Domain Team BootstrapEngineering Domain Team Bootstrap
Engineering Domain Team Bootstrap
 
Kubernetes 101 for_penetration_testers_-_null_mumbai
Kubernetes 101 for_penetration_testers_-_null_mumbaiKubernetes 101 for_penetration_testers_-_null_mumbai
Kubernetes 101 for_penetration_testers_-_null_mumbai
 
K8s identity management
K8s identity managementK8s identity management
K8s identity management
 
Attacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin JoisAttacking and Defending Kubernetes - Nithin Jois
Attacking and Defending Kubernetes - Nithin Jois
 
CactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCPCactusCon 2019: Exploiting IAM in GCP
CactusCon 2019: Exploiting IAM in GCP
 
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
 
How to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GEHow to Install and Configure your own Identity Manager GE
How to Install and Configure your own Identity Manager GE
 
How to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GEHow to Install & Configure Your Own Identity Manager GE
How to Install & Configure Your Own Identity Manager GE
 
在 LINE 私有雲中使用 Managed Kubernetes
在 LINE 私有雲中使用 Managed Kubernetes在 LINE 私有雲中使用 Managed Kubernetes
在 LINE 私有雲中使用 Managed Kubernetes
 

Plus de Evan Lin

好書分享: 一人公司 Company Of One
好書分享: 一人公司 Company Of One好書分享: 一人公司 Company Of One
好書分享: 一人公司 Company Of OneEvan Lin
 
How to master a programming language: a Golang example"
How to master a programming language: a Golang example"How to master a programming language: a Golang example"
How to master a programming language: a Golang example"Evan Lin
 
Golang taipei #45 10th birthday
Golang taipei #45 10th birthdayGolang taipei #45 10th birthday
Golang taipei #45 10th birthdayEvan Lin
 
How I become Go GDE
How I become Go GDEHow I become Go GDE
How I become Go GDEEvan Lin
 
iThome Modern Web 2018: 如何打造高效的機器學習平台
iThome Modern Web 2018: 如何打造高效的機器學習平台iThome Modern Web 2018: 如何打造高效的機器學習平台
iThome Modern Web 2018: 如何打造高效的機器學習平台Evan Lin
 
Consistent hashing algorithmic tradeoffs
Consistent hashing algorithmic tradeoffsConsistent hashing algorithmic tradeoffs
Consistent hashing algorithmic tradeoffsEvan Lin
 
GTG30: Introduction vgo
GTG30: Introduction vgoGTG30: Introduction vgo
GTG30: Introduction vgoEvan Lin
 
Kubernetes v.s. mesos
Kubernetes v.s. mesosKubernetes v.s. mesos
Kubernetes v.s. mesosEvan Lin
 
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)Evan Lin
 
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...iThome Cloud Summit: The next generation of data center: Machine Intelligent ...
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...Evan Lin
 
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人Evan Lin
 
Google APAC Machine Learning Expert Day
Google APAC Machine Learning Expert DayGoogle APAC Machine Learning Expert Day
Google APAC Machine Learning Expert DayEvan Lin
 
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line BotEvan Lin
 
Use go channel to write a disk queue
Use go channel to write a disk queueUse go channel to write a disk queue
Use go channel to write a disk queueEvan Lin
 
Gopher Taiwan Gathering #16: Build a smart bot via Golang
Gopher Taiwan Gathering #16: Build a smart bot via GolangGopher Taiwan Gathering #16: Build a smart bot via Golang
Gopher Taiwan Gathering #16: Build a smart bot via GolangEvan Lin
 
Docker swarm introduction
Docker swarm introductionDocker swarm introduction
Docker swarm introductionEvan Lin
 
COSCUP 2016: Project 52 每週一個小專案來學習 Golang
COSCUP 2016: Project 52 每週一個小專案來學習 GolangCOSCUP 2016: Project 52 每週一個小專案來學習 Golang
COSCUP 2016: Project 52 每週一個小專案來學習 GolangEvan Lin
 
Modern Web 2016: Using Golang to build a smart IM Bot
Modern Web 2016: Using Golang to build a smart IM Bot Modern Web 2016: Using Golang to build a smart IM Bot
Modern Web 2016: Using Golang to build a smart IM Bot Evan Lin
 
Docker introduction in Hardware Company
Docker introduction in Hardware CompanyDocker introduction in Hardware Company
Docker introduction in Hardware CompanyEvan Lin
 
Host Line Bot with Golang
Host Line Bot with GolangHost Line Bot with Golang
Host Line Bot with GolangEvan Lin
 

Plus de Evan Lin (20)

好書分享: 一人公司 Company Of One
好書分享: 一人公司 Company Of One好書分享: 一人公司 Company Of One
好書分享: 一人公司 Company Of One
 
How to master a programming language: a Golang example"
How to master a programming language: a Golang example"How to master a programming language: a Golang example"
How to master a programming language: a Golang example"
 
Golang taipei #45 10th birthday
Golang taipei #45 10th birthdayGolang taipei #45 10th birthday
Golang taipei #45 10th birthday
 
How I become Go GDE
How I become Go GDEHow I become Go GDE
How I become Go GDE
 
iThome Modern Web 2018: 如何打造高效的機器學習平台
iThome Modern Web 2018: 如何打造高效的機器學習平台iThome Modern Web 2018: 如何打造高效的機器學習平台
iThome Modern Web 2018: 如何打造高效的機器學習平台
 
Consistent hashing algorithmic tradeoffs
Consistent hashing algorithmic tradeoffsConsistent hashing algorithmic tradeoffs
Consistent hashing algorithmic tradeoffs
 
GTG30: Introduction vgo
GTG30: Introduction vgoGTG30: Introduction vgo
GTG30: Introduction vgo
 
Kubernetes v.s. mesos
Kubernetes v.s. mesosKubernetes v.s. mesos
Kubernetes v.s. mesos
 
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)
iTHome Gopher Day 2017: What can Golang do? (Using project 52 as examples)
 
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...iThome Cloud Summit: The next generation of data center: Machine Intelligent ...
iThome Cloud Summit: The next generation of data center: Machine Intelligent ...
 
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人
iThome Chatbot Day: 透過 Golang 無痛建置機器學習聊天機器人
 
Google APAC Machine Learning Expert Day
Google APAC Machine Learning Expert DayGoogle APAC Machine Learning Expert Day
Google APAC Machine Learning Expert Day
 
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot
如何透過 Golang 與 Heroku 來一鍵部署 臉書機器人與 Line Bot
 
Use go channel to write a disk queue
Use go channel to write a disk queueUse go channel to write a disk queue
Use go channel to write a disk queue
 
Gopher Taiwan Gathering #16: Build a smart bot via Golang
Gopher Taiwan Gathering #16: Build a smart bot via GolangGopher Taiwan Gathering #16: Build a smart bot via Golang
Gopher Taiwan Gathering #16: Build a smart bot via Golang
 
Docker swarm introduction
Docker swarm introductionDocker swarm introduction
Docker swarm introduction
 
COSCUP 2016: Project 52 每週一個小專案來學習 Golang
COSCUP 2016: Project 52 每週一個小專案來學習 GolangCOSCUP 2016: Project 52 每週一個小專案來學習 Golang
COSCUP 2016: Project 52 每週一個小專案來學習 Golang
 
Modern Web 2016: Using Golang to build a smart IM Bot
Modern Web 2016: Using Golang to build a smart IM Bot Modern Web 2016: Using Golang to build a smart IM Bot
Modern Web 2016: Using Golang to build a smart IM Bot
 
Docker introduction in Hardware Company
Docker introduction in Hardware CompanyDocker introduction in Hardware Company
Docker introduction in Hardware Company
 
Host Line Bot with Golang
Host Line Bot with GolangHost Line Bot with Golang
Host Line Bot with Golang
 

Dernier

Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Onlineanilsa9823
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663Call Girls Mumbai
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.soniya singh
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 

Dernier (20)

Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Saket Delhi 💯Call Us 🔝8264348440🔝
 
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service OnlineCALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
CALL ON ➥8923113531 🔝Call Girls Lucknow Lucknow best sexual service Online
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
✂️ 👅 Independent Andheri Escorts With Room Vashi Call Girls 💃 9004004663
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in DubaiRussian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
 
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Green Park Escort Service Delhi N.C.R.
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Pratap Nagar Delhi 💯Call Us 🔝8264348440🔝
 

Kubernetes secret introduction

  • 3. Authorization - Access Control ● ABAC (Attribute-Based Access Control) ○ Specific every access control by attribute.
  • 4. Authorization - Access Control ● RBAC (Role-Based Access Control) ○ Specific every access control by attribute.
  • 5. Kubernetes Account Type User Account Service Acccount Identifier for User Process (run in Pod) Scope Global By namespace, process Config Simple Much Complex
  • 6. How to create Service Account ● Service Account: ○ Combination of “SECRET”s. ● Create by command ○ kubectl create serviceaccount jenkins ● Create by yaml ○ apiVersion: v1 kind: ServiceAccount metadata: name: build-robot ○ kubectl create -f /tmp/serviceaccount.yaml serviceaccounts/build-robot
  • 7. SECRET ● Object Storage: ○ OAuth token, SSH Keys. ● Use for: ○ Pod: ■ One pod can assign multiple secrets ○ Service Account: ■ One service account owns multiple secrets ○ Image Pull ■ A sec.ImagePullSecrets is a secret to login private docker registry. ● How to use it: ○ Use it from “Environment Variables” ○ Use it from “Secret Mount”
  • 8. Secret: Prepare secret ● Secret File: (my_password_secret.yaml) apiVersion: v1 kind: Secret metadata: name: mysecret type: Opaque data: password: MWYyZDFlMmU2N2Rm //1f2d1e2e67df username: YWRtaW4= //admin ● How to use it: ○ Put it into system: ■ kubectl create -f ./secret.yaml
  • 9. Secret: Use Case - Environment Variable ● Pod File: (pod_with_secret.yaml) ● How to use it: ○ Put it into system: ■ kubectl create -f ./pod_with_secret.yaml
  • 10. Secret: Use Case - Security Volume ● Pod File: (secret_volumn.json) ● How to use it: ○ Put it into system: ■ kubectl create -f ./secret_volumn.json
  • 11. Authenitication: httpd Refer to walkthrough: https://github.com/aledbf/contrib/blob/6d61ea81bb0bdbbc115cd6a6e9c59ef 653afb213/ingress/controllers/nginx/examples/auth/README.md
  • 12. OAuth Server List ● Go: OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors ● Go: Auth Boss ● Go: OAuth2 ● Go: Docker registry oauth server ● Ruby: OAuth server with UI management system