Secret Management with SOPS

This is part 3 of my Kubernetes homelab cluster setup series. The cluster is up, but it isn’t very usable yet. Before we add any services, we need to set up secrets management. In this post, we’re going to add secret management to the cluster with sops and age so we can safely check our configuration into git.

Talos Kubernetes Homelab Setup Series

Part 1 - Setting up Talos with a Cilium CNI on Proxmox
Part 2 - Add SSL to Kubernetes using Cilium, cert-manager and LetsEncrypt with domains hosted on Amazon Route 53
Part 3 - Secret Management with SOPS

Prerequisites

A working Kubernetes cluster. I’m using Talos for mine, but regular Kubernetes or k3s clusters will work too. If you need to set up a new cluster, or configure an existing one to use Cilium, read part one of this series.
cilium, kubectl & helm - if you don’t want to brew install them, install instructions are at cilium.io, helm.sh and kubectl.
sops and age. On a Mac, you can run brew install sops age. If you’re using Linux or Windows, use the age installation instructions and sops installation instructions.

Goal

I have my cluster configuration in git so that it’s easy to recreate if I break something while experimenting. I don’t want to commit secrets into git in cleartext though. Instead, I want to encrypt our secrets in a way that the cluster can decrypt them, but they’re safe to check into source control. ...

January 19, 2026 · 8 min · 1595 words · Me