Home Interests Kubernetes

How to Copy Secrets From One Kubernetes Cluster to Another

howchoo   (467)
August 23, 2023
6 minutes


Posted in these interests:
kubernetes • 6 guides

There are many reasons you might want to copy Kubernetes secrets from one cluster to another. In recent months, I had to migrate to a new GKE cluster in order to get some new functionality. And in this particular project, some secrets are created by processes that are too complicated to recreate on the new cluster. The easiest solution was simply to copy the secrets over.

Secure Your Sensitive Data with Kubernetes Secrets
Learn how to create and use Kubernetes secrets

So in this guide, I’ll show you a few simple ways of copying secrets from one Kubernetes cluster to another.

1 – Export the secret

For the purposes of this guide, I’ll refer to the two clusters are “source” and “destination”. We want to copy a secret from our “source” cluster to our “destination” cluster.

So first, ensure you’re authenticated with your source cluster.

kubectl config current-context

This should show the name of the context configured to access your source cluster.

Now export the secret, and store the secret config data in a file.

kubectl get secret my-secret-name --export -o yaml > my-secret-name.yaml

2 – Import the secret into the new cluster

Now, you can import the secret into the new cluster. So go ahead and authenticate with the destination cluster, and simply apply the config file you just exported.

kubectl apply -f my-secret-name.yaml

Now confirm your secret was created properly.

kubectl get secret

This should show your newly created secret.

Now, a quick note on security. There are security risks associated with storing sensitive information on your file system (even if the file is deleted). In any case, you’ll want to delete the file that was used to temporarily store the secret data, and only use this method if you understand the risks and are happy to accept them.

3 – Simplifying this approach

The first two steps were broken out, but can be combined into a single command.

First you’ll need to get the context names for your two clusters. This command will help:

kubectl config get-contexts

Now you can run:

kubectl get secret my-secret-name --context source_context --export -o yaml | kubectl apply --context destination_context -f -

Hopefully you recognize some of the component parts of this script. We’re skipping the part where we export the config to a file, and instead piping the config into kubectl apply. Notice that we can set the context for each kubectl command, this allows us to send data from one cluster to another. Beautiful!

Kubernetes is compatible with Superset which can help visualize data between multiple sources. Visit our guide for steps on how to install Apache Superset on a GKE Kubernetes Cluster.


Secure Your Sensitive Data with Kubernetes Secrets

Learn how to create and use Kubernetes secrets.
howchoo   (467)
November 26, 2023

Kubernetes secrets are objects that store and manage sensitive data inside your Kubernetes cluster. One mistake developers often make is storing sensitive information like database passwords, API credentials, etc in a settings file in their codebase. This is very bad practice (hopefully for obvious reasons). Most developers know this, but still choose the option because it’s easy.

Continue Reading


 467 guides

Introducing Howchoo, an enigmatic author whose unique pen name reflects their boundless curiosity and limitless creativity. Mysterious and multifaceted, Howchoo has emerged as a captivating storyteller, leaving readers mesmerized by the uncharted realms they craft with their words. With an insatiable appetite for knowledge and a love for exploration, Howchoo's writing transcends conventional genres, blurring the lines between fantasy, science fiction, and the surreal. Their narratives are a kaleidoscope of ideas, weaving together intricate plots, unforgettable characters, and thought-provoking themes that challenge the boundaries of imagination.

Discover interesting things!

Explore Howchoo's most popular interests.