How can I serve a static file to my local Kubernetes deployed service from my controller file?
I have defined a deployment file:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ ... }}
labels:
app.kubernetes.io/name: {{ ... }}
helm.sh/chart: {{ ... }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
...
My service implements JWT validation and thus requires a public key. Can I somehow specify in the deployment file to serve a locally generated pub key file to my service?
go kubernetes jwt
asked Nov 12 '18 at 23:44
AJ.AJ.
63
add a comment |
I have defined a deployment file:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ ... }}
labels:
app.kubernetes.io/name: {{ ... }}
helm.sh/chart: {{ ... }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
...
My service implements JWT validation and thus requires a public key. Can I somehow specify in the deployment file to serve a locally generated pub key file to my service?
go kubernetes jwt
asked Nov 12 '18 at 23:44
AJ.AJ.
63
add a comment |
I have defined a deployment file:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ ... }}
labels:
app.kubernetes.io/name: {{ ... }}
helm.sh/chart: {{ ... }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
...
My service implements JWT validation and thus requires a public key. Can I somehow specify in the deployment file to serve a locally generated pub key file to my service?
go kubernetes jwt
asked Nov 12 '18 at 23:44
AJ.AJ.
63
I have defined a deployment file:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ ... }}
labels:
app.kubernetes.io/name: {{ ... }}
helm.sh/chart: {{ ... }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
...
My service implements JWT validation and thus requires a public key. Can I somehow specify in the deployment file to serve a locally generated pub key file to my service?
go kubernetes jwt
go kubernetes jwt
asked Nov 12 '18 at 23:44
AJ.AJ.
63
asked Nov 12 '18 at 23:44
AJ.AJ.
63
asked Nov 12 '18 at 23:44
AJ.AJ.
63
asked Nov 12 '18 at 23:44
AJ.AJ.
63
asked Nov 12 '18 at 23:44
AJ.AJ.
63
63
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
You can do it with configmaps. Config maps are resources that are used to deploy single files (basically). I'm currently using one for my clusters nginx configuration.
In your config file , write the contents of your public key to your data field and then tell your deployment to use that config file and read from it. It's very similar to mounting a volume for a single file only. You may need to update your deployed image to read from the mounted location though.
Search for nginx in kubernetes for examples of how people use configmaps to deploy their configurations (in your case public key) to the clusters.
For testing you can create your config map with this command kubectl create configmap public-conf --from-file=./your-public-key. This will create a configmap called public-conf. You can run kubectl get configmap to see your newly created configmap.
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
add a comment |
I ended up using secrets suggested by @Crou to create the key:
$ kubectl create secret generic pub-key --from-file=./jwt-key.pub
and then mounted it to a volume in my deployment yaml:
spec:
volumes:
- name: secret
secret:
secretName: pub-key
defaultMode: 256
...
containers:
volumeMounts:
- name: secret
readOnly: true
mountPath: /secret
and was able to access my key at /secret/jwt-key.pub
answered Nov 14 '18 at 19:50
AJ.AJ.
63
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53271724%2fhow-can-i-serve-a-static-file-to-my-local-kubernetes-deployed-service-from-my-co%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can do it with configmaps. Config maps are resources that are used to deploy single files (basically). I'm currently using one for my clusters nginx configuration.
In your config file , write the contents of your public key to your data field and then tell your deployment to use that config file and read from it. It's very similar to mounting a volume for a single file only. You may need to update your deployed image to read from the mounted location though.
Search for nginx in kubernetes for examples of how people use configmaps to deploy their configurations (in your case public key) to the clusters.
For testing you can create your config map with this command kubectl create configmap public-conf --from-file=./your-public-key. This will create a configmap called public-conf. You can run kubectl get configmap to see your newly created configmap.
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
add a comment |
You can do it with configmaps. Config maps are resources that are used to deploy single files (basically). I'm currently using one for my clusters nginx configuration.
In your config file , write the contents of your public key to your data field and then tell your deployment to use that config file and read from it. It's very similar to mounting a volume for a single file only. You may need to update your deployed image to read from the mounted location though.
Search for nginx in kubernetes for examples of how people use configmaps to deploy their configurations (in your case public key) to the clusters.
For testing you can create your config map with this command kubectl create configmap public-conf --from-file=./your-public-key. This will create a configmap called public-conf. You can run kubectl get configmap to see your newly created configmap.
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
add a comment |
You can do it with configmaps. Config maps are resources that are used to deploy single files (basically). I'm currently using one for my clusters nginx configuration.
In your config file , write the contents of your public key to your data field and then tell your deployment to use that config file and read from it. It's very similar to mounting a volume for a single file only. You may need to update your deployed image to read from the mounted location though.
Search for nginx in kubernetes for examples of how people use configmaps to deploy their configurations (in your case public key) to the clusters.
For testing you can create your config map with this command kubectl create configmap public-conf --from-file=./your-public-key. This will create a configmap called public-conf. You can run kubectl get configmap to see your newly created configmap.
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
You can do it with configmaps. Config maps are resources that are used to deploy single files (basically). I'm currently using one for my clusters nginx configuration.
In your config file , write the contents of your public key to your data field and then tell your deployment to use that config file and read from it. It's very similar to mounting a volume for a single file only. You may need to update your deployed image to read from the mounted location though.
Search for nginx in kubernetes for examples of how people use configmaps to deploy their configurations (in your case public key) to the clusters.
For testing you can create your config map with this command kubectl create configmap public-conf --from-file=./your-public-key. This will create a configmap called public-conf. You can run kubectl get configmap to see your newly created configmap.
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
answered Nov 13 '18 at 0:30
atayenelatayenel
7001916
7001916
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
add a comment |
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
Thanks for the reply, is there any way to configure it so that it copies from a local file so that anyone spinning up can just generate the pub key and be good to go rather than having to dump the file contents into the yaml file?
– AJ.
Nov 13 '18 at 0:52
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
I’m not sure I understood correctly. Do you want kubernetes to access to your local file system automatically ? That’s not possible. You have to deploy your contents to the cloud one way or another, or use an endpoint that writes uploaded keys to a database.
– atayenel
Nov 13 '18 at 1:15
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
You can use a secret to hold the key. Or if you want to generate it each time you create a new pod, you can look into init containers
– Crou
Nov 13 '18 at 11:23
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
@atayenel I don't want to manually copy/paste a key into a configmap file every time someone locally wants to spin up.
– AJ.
Nov 13 '18 at 15:53
add a comment |
I ended up using secrets suggested by @Crou to create the key:
$ kubectl create secret generic pub-key --from-file=./jwt-key.pub
and then mounted it to a volume in my deployment yaml:
spec:
volumes:
- name: secret
secret:
secretName: pub-key
defaultMode: 256
...
containers:
volumeMounts:
- name: secret
readOnly: true
mountPath: /secret
and was able to access my key at /secret/jwt-key.pub
answered Nov 14 '18 at 19:50
AJ.AJ.
63
add a comment |
I ended up using secrets suggested by @Crou to create the key:
$ kubectl create secret generic pub-key --from-file=./jwt-key.pub
and then mounted it to a volume in my deployment yaml:
spec:
volumes:
- name: secret
secret:
secretName: pub-key
defaultMode: 256
...
containers:
volumeMounts:
- name: secret
readOnly: true
mountPath: /secret
and was able to access my key at /secret/jwt-key.pub
answered Nov 14 '18 at 19:50
AJ.AJ.
63
add a comment |
I ended up using secrets suggested by @Crou to create the key:
$ kubectl create secret generic pub-key --from-file=./jwt-key.pub
and then mounted it to a volume in my deployment yaml:
spec:
volumes:
- name: secret
secret:
secretName: pub-key
defaultMode: 256
...
containers:
volumeMounts:
- name: secret
readOnly: true
mountPath: /secret
and was able to access my key at /secret/jwt-key.pub
answered Nov 14 '18 at 19:50
AJ.AJ.
63
I ended up using secrets suggested by @Crou to create the key:
$ kubectl create secret generic pub-key --from-file=./jwt-key.pub
and then mounted it to a volume in my deployment yaml:
spec:
volumes:
- name: secret
secret:
secretName: pub-key
defaultMode: 256
...
containers:
volumeMounts:
- name: secret
readOnly: true
mountPath: /secret
and was able to access my key at /secret/jwt-key.pub
answered Nov 14 '18 at 19:50
AJ.AJ.
63
answered Nov 14 '18 at 19:50
AJ.AJ.
63
answered Nov 14 '18 at 19:50
AJ.AJ.
63
answered Nov 14 '18 at 19:50
AJ.AJ.
63
63
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53271724%2fhow-can-i-serve-a-static-file-to-my-local-kubernetes-deployed-service-from-my-co%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
