Hi all, We run a lot of infrastructure in AWS, make heavy use of RDS and rely on both credentials and security groups to secure access. I'm in the process of building some proof-of-concept stuff to see how it could work on Kubernetes instead and am trying to find a good way of using short-lived/per-pod database credentials.
One idea would be to run a sidecar container in a pod which is responsible for retrieving and updating credentials, writing them to a file in a volume shared with the main app containers in the pod. However, if these credentials change it would be useful to signal to the other containers they'll need to reload/restart. Is there anyway to achieve this currently? Or would it rely on having the app containers watching the directories/files and killing themselves if they change? Thanks in advance, Paul -- You received this message because you are subscribed to the Google Groups "Kubernetes user discussion and Q&A" group. To unsubscribe from this group and stop receiving emails from it, send an email to kubernetes-users+unsubscr...@googlegroups.com. To post to this group, send email to kubernetes-users@googlegroups.com. Visit this group at https://groups.google.com/group/kubernetes-users. For more options, visit https://groups.google.com/d/optout.