Manage secret in Kubernetes marked failed

Hello, @nithyaks
KKE team will look into it if it’s a validation issue. What is the error message?

hi @nithyaks, sorry for inconvenience this is marked pending for you, please give it an another try

Again it failed. But everything created correctly. Kindly check it.

Task Status - Failed

You may check your work again to see what went wrong. The environment expires in 5 minutes. If you think you did your work correctly and is marked failed, please take outputs/screenshot of your work and post in community.kodekloud.com.

thor@jump_host /opt$ kubectl describe pods
Name: secret-devops
Namespace: default
Priority: 0
Node: node01/172.17.0.29
Start Time: Wed, 26 Aug 2020 16:37:38 +0000
Labels:
Annotations:
Status: Running
IP: 10.44.0.1
IPs:
IP: 10.44.0.1
Containers:
secret-container-devops:
Container ID: docker://dc7d81a906304107f1d3a9207f8b6dc1a89bfef0a351a6e08c42fbfca6213cf3
Image: fedora:latest
Image ID: docker-pullable://fedora@sha256:d6a6d60fda1b22b6d5fe3c3b2abe2554b60432b7b215adc11a2b5fae16f50188
Port:
Host Port:
Command:
bin/bash
-c
sleep 10000
State: Running
Started: Wed, 26 Aug 2020 16:38:32 +0000
Ready: True
Restart Count: 0
Environment:
Mounts:
/opt/apps from secret-volume-devops (ro)
/var/run/secrets/kubernetes.io/serviceaccount from default-token-xrqph (ro)
Conditions:
Type Status
Initialized True
Ready True
ContainersReady True
PodScheduled True
Volumes:
secret-volume-devops:
Type: Secret (a volume populated by a Secret)
SecretName: blog
Optional: false
default-token-xrqph:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-xrqph
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s
node.kubernetes.io/unreachable:NoExecute for 300s
Events:
Type Reason Age From Message


Normal Scheduled default-scheduler Successfully assigned default/secret-devops to node01
Normal Pulling 63s kubelet, node01 Pulling image “fedora:latest”
Normal Pulled 20s kubelet, node01 Successfully pulled image “fedora:latest”
Normal Created 20s kubelet, node01 Created container secret-container-devops
Normal Started 19s kubelet, node01 Started container secret-container-devops
thor@jump_host /opt$ kubectl exec secret-devops -it sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec[POD] – [COMMAND] instead.
sh-5.0# cd /opt/apps/
sh-5.0# ls -l
total 0
lrwxrwxrwx 1 root root 15 Aug 26 16:37 password -> …data/password
sh-5.0# cd …data/
sh-5.0# ls -l
total 4
-rw-r–r-- 1 root root 7 Aug 26 16:37 password

@nithyaks, as per question, secret should be generic ( plain text ), there is no need to encrypt the txt file. And again this is marked pending for you, please give an another try.

@rahul456

Thanks a lot for the update. Now my task completed

Hello @player001. and Everyone

I just did this task and the result was “secret name ‘news’ not defined under volumes”.

Checking out the pod created by “describe pods”, I Found the config applied this way

Please help me describing what was the problem!

hi @juancgarciaco, sorry for the issue, this is marked success for you.

1 Like

same for me @player001 , it seems OK to me but task is marked failed and tells me secret name ‘media’ not defined under volumes
here’s my secret and pod definitions

kubectl create secret generic media --from-file /opt/media.txt

apiVersion: v1
kind: Pod
metadata:
  name: secret-datacenter
spec:
  containers:
    - name: secret-container-datacenter
      image: debian:latest
      command:
        - '/bin/bash'
        - '-c'
        - 'sleep 10000'
      volumeMounts:
        - name: secret-volume-datacenter
          mountPath: /opt/games
          readOnly: true
      volumes:
    - name: secret-volume-datacenter
      projected:
        sources:
          - secret:
              name: media
              items:
                - key: media.txt
                  path: media.txt

hi @takman, sorry for the issue, this is marked success for you.

Thank you @rahul456 for your quick resolution and reply.