Doppler and Kubernetes. Better Together.
Give your engineering team the secrets management, automation, and observability features they deserve.
See the Vercel Integration in Action
Watch our video walkthrough. Get up and running in a few minutes!
Sync Secrets with
Kubernetes
Integrating Doppler with
Kubernetes
is easy and only takes a few minutes.
Install Kubernetes Operator
Use Helm or kubectl to install the Doppler Operator.
Create Doppler Token Secret
Provides the Operator with read-only secrets access for a single config.
Create DopplerSecret CRD
Create a custom DopplerSecret resource defining the managed secret name and namespace.
Automatic Redeplyments
Add a single annotation to trigger a redeployment when the secrets for a deployment change.
FAQ
How does Doppler improve secrets management for Kubernetes?
Kubernetes offers immense flexibility for injecting secrets into containerized workloads but provides no built-in secrets management layer beyond the `kubectl edit secrets` command.
Our Kubernetes Operator gives you the power of the Doppler dashboard while continuously syncing secrets to Kubernetes with automatic deployment updates to ensure applications always have the latest version of secrets.
And because it syncs to standard Opaque Kubernetes secrets, no application code or Kubernetes deployment changes are required.
Its enterprise scale and designed to sync secrets for any number of environments (e.g. test, staging, and production) with support for namespace or cluster level secrets isolation.
Doppler is also much more than just a Key-Value store offering features such as:
What if I can’t or don’t want to install the Operator?
While the Operator is certainly the most automated and scalable solution, you can also embed the Doppler CLI inside your container or use the Doppler CLI to create sync Kubernetes secrets on demand.
Can Doppler be used to sync TLS and PKCS12 certificates?
WIP
How can I see which Secrets are being managed by the Operator?
Run the following command which will scan all namespaces for secrets created from the DopplerSecret CRD:
kubectl describe secrets --selector=secrets.doppler.com/subtype=dopplerSecret --all-namespaces
How do I gain visibility into the logs and state of the Operator?
The open source Dopper Operator repository contains an operator-logs script built for monitoring and troubleshooting purposes.
Is Helm supported for installing the Operator?
Yes, you can install the Operator using Helm by running:
helm repo add doppler https://helm.doppler.com
helm install --generate-name doppler/doppler-kubernetes-operator
See the Doppler Operator installation guide to learn more.
The Doppler Effect
Loved by hobbyists and forward-thinking companies for transforming their developer experience. It's an honor to share their stories.
