Sync secrets from external providers like Vault, AWS Secrets Manager, and Azure Key Vault into Kubernetes. This guide provides step-by-step instructions for setting up and managing this technology on your VPS-based Kubernetes infrastructure.
Overview
This technology addresses a critical aspect of Kubernetes operations. Understanding and properly configuring it is essential for running production-grade clusters on VPS infrastructure.
Installation
# Install using Helm (most common method)
helm repo add external-secrets-operator https://charts.example.com
helm repo update
helm install external-secrets-operator external-secrets-operator/external-secrets-operator \
--namespace external-secrets-operator-system \
--create-namespace \
--values values.yaml
# Verify installation
kubectl get pods -n external-secrets-operator-system
kubectl get crd | grep external-secrets-operatorConfiguration
# values.yaml - Production configuration
replicaCount: 3
resources:
limits:
cpu: "1"
memory: "1Gi"
requests:
cpu: "200m"
memory: "256Mi"
persistence:
enabled: true
storageClass: local-path
size: 10Gi
monitoring:
enabled: true
serviceMonitor:
enabled: true
interval: 30s
security:
podSecurityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000Basic Usage
# Create a basic resource
cat