Presentation on how to chat with PDF using ChatGPT code interpreter
Kubernetes Sealed secrets
1. Sealed-Secrets
Code by Angus Lees, Australia, @guslees
Sebastien Goasguen @sebgoa
kubeless.io, kompose, Cabin, LF certification course ...
Now at Bitnami (Charts, monocular, kubeapps, kubecfg, sealed-secrets)
Apps, Apps, Apps...on any platform
1 / 7
2. Sealed Secrets
Problem: "I can manage all my K8s config in git, except Secrets."
Solution: Encrypt your Secret into a SealedSecret, which is safe to
store - even to a public repository. The SealedSecret can be decrypted
only by the controller running in the target cluster and nobody else
(not even the original author) is able to obtain the original Secret
from the SealedSecret.
Open Source
https://github.com/bitnami/sealed-secrets
2 / 7
3. Sealed Secrets
Kubernetes extension
TPR (CRD) for SealedSecrets
A controller
Blog from Gus: https://engineering.bitnami.com/articles/sealed-secrets.html
3 / 7
4. How does it work
Controller starts
Generates a certificate
kubeseal cli retrieves the public cert to encrypt
Seal secret and create SealedSecret object
Store SealedSecret in git
kubectl apply SealedSecret
Controller decrypts and creates corresponding Secret object in-cluster
4 / 7