Doppler and Kubernetes. Better Together.

Give your engineering team the secrets management, automation, and observability features they deserve.

Rollback Support
Automatic Redeploys
Git style activity log
Fine-grained Access Control
Secrets Referencing
Team Management

Watch our setup guide
A full walkthrough with Ryan

See the Vercel Integration in Action

Watch our video walkthrough. Get up and running in a few minutes!

HOW IT WORKS

Sync secrets with

Kubernetes

Integrating Doppler with

Kubernetes

is easy and only takes a few minutes.

Install Kubernetes Operator

Use Helm or kubectl to install the Doppler Operator.

Create Project

Create a Doppler project for your Kubernetes application.

Import Secrets

Import your current Kubernetes secrets into Doppler.

Create Doppler Token Secret

Provides the Operator with read-only secrets access for a single config.

Create DopplerSecret CRD

Create a custom DopplerSecret resource defining the managed secret name and namespace.

Secrets Sync

The Operator will now automatically sync updates to the managed Kubernetes secrets.

Automatic Redeplyments

Add a single annotation to trigger a redeployment when the secrets for a deployment change.

FAQ

How does Doppler improve secrets management for Kubernetes?

Kubernetes offers immense flexibility for injecting secrets into containerized workloads but provides no built-in secrets management layer beyond the `kubectl edit secrets` command.

Our Kubernetes Operator gives you the power of the Doppler dashboard while continuously syncing secrets to Kubernetes with automatic deployment updates to ensure applications always have the latest version of secrets.

And because it syncs to standard Opaque Kubernetes secrets, no application code or Kubernetes deployment changes are required.

Its enterprise scale and designed to sync secrets for any number of environments (e.g. test, staging, and production) with support for namespace or cluster level secrets isolation.

Doppler is also much more than just a Key-Value store offering features such as:

What if I can’t or don’t want to install the Operator?

While the Operator is certainly the most automated and scalable solution, you can also embed the Doppler CLI inside your container or use the Doppler CLI to create sync Kubernetes secrets on demand.

Can Doppler be used to sync TLS and PKCS12 certificates?

WIP

How can I see which Secrets are being managed by the Operator?

Run the following command which will scan all namespaces for secrets created from the DopplerSecret CRD:

   kubectl describe secrets --selector=secrets.doppler.com/subtype=dopplerSecret --all-namespaces

How do I gain visibility into the logs and state of the Operator?

The open source Dopper Operator repository contains an operator-logs script built for monitoring and troubleshooting purposes.

Is Helm supported for installing the Operator?

Yes, you can install the Operator using Helm by running:

    helm repo add doppler https://helm.doppler.com
    helm install --generate-name doppler/doppler-kubernetes-operator

See the Doppler Operator installation guide to learn more.

The Doppler Effect

Loved by hobbyists and forward-thinking companies for transforming their developer experience. It's an honor to share their stories.