Security is a major concern in continuous integration (CI), especially when managing sensitive information like API keys, passwords, and other secrets. For Kubernetes resources, Sealed Secrets offer an effective solution for securely managing sensitive information within your repository. In this blog we will explore what are Sealed Secrets, how to use them and some common management tasks around Sealed Secrets.

What are Sealed Secrets?

Sealed Secrets is a set of Kubernetes resources, controller and custom resource definition, that enables secure storage of secrets in your version control system (VCS). Unlike standard Kubernetes Secrets, which are base64-encoded and easily decoded, Sealed Secrets use asymmetric encryption to ensure your secrets remain encrypted until deployed to your Kubernetes cluster. Once deployed, the Sealed Secrets controller decrypts them into regular Kubernetes secrets, making them accessible to your applications.

Large Language Models (LLMs) have been making waves in the field of artificial intelligence (AI) for quite some time, and their popularity continues to soar. These advanced models have the remarkable ability to understand, generate, and respond to human language with unprecedented accuracy and depth. With this surge in interest comes the rise of open source solutions that enable individuals and organizations to host LLMs locally.

In this blog post we will explore how to turn your existing local computer/server into a simple ai server.

Kubernetes is an incredible tool for deploying, scaling, and managing containerized applications. One crucial aspect of kubernetes security is ensuring that communication between different entities is secure. By default, kubernetes management network is secure and pod network is handled by 3rd party plugin which mostly support encryption.

Today we will focus on properly securing outside-in web communication to our cluster with Cert-Manager and self-signed certificates. We assume that you have access to working kubernetes cluster with ingress controller.