Enable javascript in your browser for better experience. Need to know to enable it? Go here.
关闭
Ask Tai
Ask Tai
Download
Platforms Back
Last updated : Mar 29, 2022
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar. Understand more
Mar 2022
Trial ?

Kubernetes 原生支持称为“机密”(secret)的键值对象。然而默认情况下,这些 Kubernetes 的“机密”其实并不真的那么机密。尽管它们与其他键值数据分开处理,可以单独采取预防措施或访问控制,且支持在将“机密”存储在 etcd 之前,对其进行加密,但在配置文件中,“机密”是以纯文本字段的形式保存的。Sealed Secrets 提供组合运算符和命令行实用程序,使用非对称密钥来对“机密”进行加密,以便仅在集群中用控制器将其解密。此过程可确保“机密”在 Kubernetes 用于部署的配置文件中不会泄漏。一旦加密,这些文件就可以安全地共享或与其他部署制品一起存储。

Oct 2021
Trial ?

Kubernetes原生支持称为“机密”(secret)的键值对象。然而默认情况下,这些Kubernetes的“机密”其实并不真的那么机密。尽管它们与其他键值数据分开处理,可以单独采取预防措施或访问控制,且支持在将“机密”存储在 etcd 之前,对其进行加密,但在配置文件中,“机密”是以纯文本字段的形式保存的。Sealed Secrets提供组合运算符和命令行实用程序,使用非对称密钥来对“机密”进行加密,以便仅在集群中用控制器将其解密。此过程可确保“机密”在Kubernetes用于部署的配置文件中不会泄漏。一旦加密,这些文件就可以安全地共享或与其他部署制品一起存储。

Published : Oct 27, 2021

Download the PDF

 

 

 

English | Português 

Sign up for the Technology Radar newsletter

 

 

Subscribe now

Visit our archive to read previous volumes

Go to archive