Feb 10
Loading video player...
The Kubernetes Secrets Problem Every DevOps Engineer Faces Passwords, API keys, tokens, and certificates must be stored securely, rotated properly, and handled safely, especially when using GitOps. In this video, I explain the main Kubernetes secret management approaches, how they fit into a GitOps workflow, and why HashiCorp Vault is my preferred solution. š¹ We cover: 00:00 ā Introduction: Why Secrets Are Hard in Kubernetes 00:26 ā Kubernetes Secrets & GitOps Challenges 01:20 ā Sealed Secrets (How They Work & Trade-offs) 02:20 ā External Secrets Operator (ESO) 03:05 ā Secrets Store CSI Driver 03:55 ā SOPS: Encrypting Secrets in Git 04:50 ā Why HashiCorp Vault Is My Preferred Solution 05:35 ā Vault Kubernetes Integration Models 07:10 ā Comparing Sidecar, CSI & Vault Operator 07:55 ā Final Thoughts & Next Video (Vault Demo) This video is conceptual and architecture-focused. š A hands-on Vault + Kubernetes GitOps demo will follow in a future video. š Subscribe to TechTalk with Nathan for Kubernetes, GitOps, and SRE content. #Kubernetes #gitops #secrets #hashicorp #DevOps #SRE