Microservices - Orchestration with Kubernetes
You want to securely provide database credentials to multiple microservices running in different namespaces. Which approach is best?
You want to securely provide database credentials to multiple microservices running in different namespaces. Which approach is best?
hard📝 Trade-off Q8 of 15
Step-by-Step Solution
Solution:
Step 1: Understand cross-namespace Secret sharing
Secrets are namespace-scoped, and pods can only directly access Secrets in their own namespace.Step 2: Evaluate options
Creating a Secret in each namespace with the same credentials is the feasible approach among the options, though credentials must be kept in sync. Create a single Secret in one namespace and reference it from others using Role-Based Access Control (RBAC) is not possible as cross-namespace references are unsupported. ConfigMaps are not secure for credentials. Hardcoding is highly insecure.Final Answer:
Create a Secret in each namespace with the same credentials -> Option CQuick Check:
Secure cross-namespace Secret sharing = B [OK]
Quick Trick: Create identical Secrets in each namespace [OK]
Common Mistakes:
MISTAKES- Attempting to reference a single Secret across namespaces with RBAC
- Using ConfigMaps for sensitive data
- Hardcoding credentials in YAML
Master "Orchestration with Kubernetes" in Microservices
Want More Practice?
15+ quiz questions · All difficulty levels · Free
Free Signup - Practice All QuestionsMore Microservices Quizzes