Difficulty: Beginner
Estimated Time: 10 minutes

Before we begin...

This is a detailed, step-by-step tutorial.

You will:

  1. Setup Minikube environment
  2. Deploy a PostgreSQL database
  3. Store its credentials in Kubernetes secrets
  4. Setup Secretless Broker to proxy connections to it
  5. Deploy an application that connects to the database without knowing its password Already a Kubernetes expert? You may prefer our advanced Github tutorial complete with shell scripts to get the whole thing working end to end fast

You're done!

In this tutorial you learned how to:

  1. Deploy a PostgreSQL database
  2. Store its credentials in Kubernetes secrets
  3. Setup Secretless Broker to proxy connections to it
  4. Deploy an application that connects to the database without knowing its password

Want to learn more? Take a look at our documentation

Using Secretless on Kubernetes

Step 1 of 18

Overview

Applications and application developers should be incapable of leaking secrets.

To achieve that goal, you’ll play two roles in this tutorial:

  1. A Security Admin who handles secrets, and has sole access to those secrets
  2. An Application Developer with no access to secrets.

The situation looks like this:

the situation

Specifically, we will:

As the security admin:

Create a PostgreSQL database Create a DB user for the application Add that user’s credentials to Kubernetes Secrets Configure Secretless to connect to PostgreSQL using those credentials

As the application developer:

Configure the application to connect to PostgreSQL via Secretless Deploy the application and the Secretless sidecar

Prerequisites To run through this tutorial, all you need is this course!

To run through this tutorial in your own environment, you will need:

  • A running Kubernetes cluster (you can use minikube to run a cluster locally)
  • kubectl configured to point to the cluster
  • Docker CLI