Day: April 22, 2023

Read the secrets data from etcd of kubernetes

  • Find out etcd procecss id
ps -ef | grep etcd
  • Go to process directory of ectd
cd /proc/2626577/fd
  • List the files and look for “/var/lib/etcd/member/snap/db
ls -ltr | grep db
  • To read any secret that is currently created by user in k8
#create secret

kubectl create secret generic secret1 --from-literal=secretname=helloworld

#read secret directly from etcd

cat /var/lib/etcd/member/snap/db | strings | grep secret1 -C 10

Encrypting Secret Data at Rest https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/

https://jonathan18186.medium.com/certified-kubernetes-security-specialist-cks-preparation-part-8-runtime-security-system-9f705872c17