Reputation: 81
I build a Kafka Connect Docker image and I use Rancher to start the Kafka Connect cluster. The cluster needs to connect to Kerberos-enabled HDFS, so I need to place a keytab file into the cluster. I don't want to build my keytab file into the image which I build, because it is important and secure. So I want to use the Rancher storage service, but I cannot place my keytab into the storage. My question is: how do I manage my secure file in Rancher or Docker?
Upvotes: 1
Views: 741
Reputation: 573
Base64-encode your keytab and pass that to the container as an environment variable. Create an entrypoint script that places the base64-decoded value into your keytab file.

```
export KEYTAB=$(cat /etc/krb5.keytab | base64)
docker run -e KEYTAB my_image
```

In your entrypoint script:

```
printenv KEYTAB | base64 -d > /etc/krb5.keytab
```

Ultimately, manage your keytab the same way you manage all other container secrets - just base64 encode it so that you're managing it as another string and not a file.
Upvotes: 3
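
A hardened form of the entrypoint step from the answer above, as an added example that is not part of the original post: it writes the keytab with owner-only permissions, rejects a value that does not decode to a keytab, and drops `KEYTAB` from the environment before the main process starts. The function name `install_keytab` and the `KEYTAB_PATH` variable are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original answer). install_keytab and
# KEYTAB_PATH are hypothetical names chosen for illustration.

install_keytab() {
    dest=${1:-/etc/krb5.keytab}
    if [ -z "${KEYTAB:-}" ]; then
        echo "KEYTAB is not set" >&2
        return 1
    fi
    # Create the temp file next to the destination so the final mv is a
    # rename; umask 077 keeps it owner-only from the moment it exists.
    tmp=$(umask 077 && mktemp "${dest}.XXXXXX") || return 1
    if ! printf '%s' "$KEYTAB" | base64 -d > "$tmp" 2>/dev/null; then
        rm -f "$tmp"
        echo "KEYTAB is not valid base64" >&2
        return 1
    fi
    # A keytab file starts with byte 0x05 followed by format version
    # 0x01 or 0x02; this catches a truncated or mis-pasted value.
    magic=$(od -An -tx1 -N2 "$tmp" | tr -d ' \n')
    case "$magic" in
        0501|0502) ;;
        *)
            rm -f "$tmp"
            echo "decoded value is not a keytab" >&2
            return 1
            ;;
    esac
    chmod 600 "$tmp" && mv "$tmp" "$dest" || { rm -f "$tmp"; return 1; }
    # Remove the secret from this shell so the exec'd process below
    # does not inherit it.
    unset KEYTAB
}

# Entrypoint behaviour: only act when a command was passed to the container.
if [ "$#" -gt 0 ]; then
    install_keytab "${KEYTAB_PATH:-/etc/krb5.keytab}" || exit 1
    exec "$@"
fi
```

Unsetting `KEYTAB` keeps it out of the exec'd process's environment, but the value is still stored in the container's configuration and shown by `docker inspect`, so access to the Docker or Rancher API has to be restricted accordingly.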