Define/change Kubernetes SSH key file name in a YAML

Question

I have a secret:

apiVersion: v1
kind: Secret
metadata:
  name: secret-ssh-auth
type: kubernetes.io/ssh-auth
data:
  ssh-privatekey: |
          SEVMTE9PT09PT09PT09PT09PT09PCg==

and deployment:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:1.14.2
        ports:
        - containerPort: 80
        volumeMounts:
          - name: secret-ssh-auth
            mountPath: /root/.ssh
      volumes:
      - name: secret-ssh-auth
        secret:
          secretName: secret-ssh-auth
          defaultMode: 0400

It creates a file with this path /root/.ssh/ssh-privatekey while I want to have /root/.ssh/id_rsa name instead.

I know we can solve it by running a kubectl command, but I want to handle it inside the YAML file. So, how to do that by the YAML file?

Answer 1

Got the same problem, and revolved it by simply defining the spec.volumes like this, which renames the key with the path value:

  volumes:
    - name: privatekey
      secret:
        secretName: private-key
        items:
          - key: ssh-privatekey
            path: id_rsa
        defaultMode: 384

then refer it inside the container definition:

  containers:
    - name: xxx
      volumeMounts:
        - name: privatekey
          mountPath: /path/to/.ssh

Answer 2

Based on the Kubernetes documentation the ssh-privatekey key is mandatory, in this case, you can leave it empty via stringData key, then define another one by data key like this:

apiVersion: v1
kind: Secret
metadata:
  name: secret-ssh-auth
type: kubernetes.io/ssh-auth
stringData:
  ssh-privatekey: |
          -
data:
   id_rsa: |
          SEVMTE9PT09PT09PT09PT09PT09PCg==