I want to create two Anthos clusters in GCP, one GKE and the second EKS (AWS Kubernetes), and I want to store secrets in GCP Secret Manager and use those secrets in both GKE and EKS. What is a good and secure way to do it?
How can I use GCP Secret Manager in an Anthos cluster?
232 views. Asked by Aadesh kale.
There is 1 answer:
You can use the Secrets Store CSI Driver for this purpose; it will allow you to access the secrets stored in Secret Manager as files mounted on the Kubernetes pods.
For this, you first need to have an Anthos cluster configured with workload identity. This blog written by Harsh Manvar gives a detailed explanation of how to create an Anthos cluster with both GKE and EKS using workload identity (OIDC). If you already have an existing cluster, follow this document for enabling workload identity on an existing cluster.
Once these prerequisites are fulfilled, you need to follow these simple steps for using GCP Secret Manager:
Follow this documentation for more details on installation and configuration steps.
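A sketch of the approach the answer describes, added here as an example and not taken from the original post or the linked documentation: a SecretProviderClass for the GCP provider of the Secrets Store CSI Driver, and a pod that mounts the secret read-only. It assumes the driver and the GCP provider plugin are already installed on the cluster, and that the pod's Kubernetes service account is mapped through workload identity to a Google identity holding `roles/secretmanager.secretAccessor` on this one secret; `app-sa`, `app-secrets`, `PROJECT_ID`, `db-password` and the `busybox` image are placeholders.

```yaml
# Added example; every name below is a placeholder, not a value from the page.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: app-sa            # dedicated identity for this workload only
  namespace: default
---
apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: app-secrets
  namespace: default
spec:
  provider: gcp
  # A pinned version ("versions/1") makes rotation an explicit, reviewed change;
  # "versions/latest" would follow whatever is newest at mount time.
  parameters:
    secrets: |
      - resourceName: "projects/PROJECT_ID/secrets/db-password/versions/1"
        path: "db-password"
---
apiVersion: v1
kind: Pod
metadata:
  name: app
  namespace: default
spec:
  serviceAccountName: app-sa
  containers:
    - name: app
      image: busybox:1.36
      command: ["sleep", "3600"]
      volumeMounts:
        - name: secrets
          mountPath: /var/secrets   # secret is readable at /var/secrets/db-password
          readOnly: true
  volumes:
    - name: secrets
      csi:
        driver: secrets-store.csi.k8s.io
        readOnly: true
        volumeAttributes:
          secretProviderClass: app-secrets
```

Granting the accessor role on the individual secret rather than on the project keeps a compromised pod in either cluster from reading secrets it was never meant to mount.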