If I have an app service deployed via helm in namespace dev
, could this service access to a secret defined in namespace default
?
Or
What is the namespace which the other resources in other namespaces can have access?
Maybe kube-public?
kube-public This namespace is created automatically and is readable by all users (including those not authenticated). This namespace is mostly reserved for cluster usage, in case that some resources should be visible and readable publicly throughout the whole cluster. The public aspect of this namespace is only a convention, not a requirement.
If I defined a secret in a kube-public namespace this should be readed by all in the cluster … But, is this the better option?
Here, talk about of Roles but I am not sure …
In where place should be my secrets in order to any environment can have access to them of a safe way?
Considering that it is my current implementation, what is the best approach?
By the way, is a good idea to have one kong-ingress
by each namespace or maybe only one kong-ingress
working in a cross-namespace approach? I know that this depends on the requirements, is a good idea to know that each domain has their own tls certificates.