Kubernetes - sharing secret across namespaces

Secret API objects reside in a namespace. They can only be referenced by pods in that same namespace. Basically, you will have to create the secret for every namespace.

https://kubernetes.io/docs/concepts/configuration/secret/#details

They can only be referenced by pods in that same namespace. But you can just copy secret from one name space to other. Here is a example of copying localdockerreg secret from default namespace to dev:

 kubectl get secret localdockerreg --namespace=default --export -o yaml | kubectl apply --namespace=dev -f -

###UPDATE### In Kubernetes v1.14 --export flag is deprecated. So, the following Command with -oyaml flag will work without a warning in forthcoming versions.

kubectl get secret localdockerreg --namespace=default -oyaml | kubectl apply --namespace=dev -f -

or below if source namespace is not necessarily default

kubectl get secret localdockerreg --namespace=default -oyaml | grep -v '^\s*namespace:\s' | kubectl apply --namespace=dev -f -

The accepted answer is correct, here is a hint if you are looking to copy the secret between namespaces.

kubectl get secret <secret-name> -n <source-namespace> -o yaml \
| sed s/"namespace: <source-namespace>"/"namespace: <destination-namespace>"/\
| kubectl apply -n <destination-namespace> -f -

/edit apr 2020:

Now there is a way to share or sync secret across namespaces and its by using the ClusterSecret operator:

https://github.com/zakkg3/ClusterSecret

Kubernetes - sharing secret across namespaces

Tags:

Namespaces

Kubernetes

Related

Recent Posts