Channels
announcements
ask-marvin
best-practices-coordination-plane
data-ecosystem
data-tricks-and-tips
events
find-a-prefect-job
geo-bay-area
geo-berlin
geo-boston
geo-chicago
geo-colorado
geo-dc
geo-israel
geo-japan
geo-london
geo-nyc
geo-seattle
geo-texas
gratitude
introductions
marvin-in-the-wild
pacc-clearcover-june-12-2023
pacc-may-31-2023
ppcc-may-16-2023
prefect-ai
prefect-aws
prefect-azure
prefect-cloud
prefect-community
prefect-contributors
prefect-dbt
prefect-docker
prefect-gcp
prefect-getting-started
prefect-integrations
prefect-kubernetes
prefect-recipes
prefect-server
prefect-ui
random
show-us-what-you-got
Title
m
Matthias
06/01/2020, 8:55 PMDear Prefect Community š Iād like to make a Kubernetes secret (containing GCP credentials) available in the worker pods created by the Kubernetes agent. Is this possible?
š 2
k
Kyle Moon-Wright
06/01/2020, 9:18 PMHey @Matthias! Let me ask the team about best practices here.
Gained some insight: A potential solution could be to utilize a KubernetesJobEnvironment and define the job spec that uses the secret from the get-go. More information about implementing this environment and what the yaml may look like can be found in the documentation.
m
Marwan Sarieddine
06/02/2020, 12:14 AM@Matthias - if you are using Dask you need to create the k8s secret in the same namespace as the worker, and pass the credentials as environment variables in the worker_spec.yaml -
something like this under spec.containers[]
env:
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: mysecret
key: username
- name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: mysecret(I had done something similar to authenticate with AWS - I presume GCP should be similar)
m
Matthias
06/02/2020, 6:30 AM@Marwan Sarieddine, @Kyle Moon-Wright thank you so much for your help! The KubernetesJobEnvironment is indeed what I was looking for. Seems nothing is impossible with Prefect š
:marvin: 1
š 1