K8s: docs issue 1105 (#1108)

kaitlynmichael · web-flow · commit 4fad1305960b · 2025-02-03T16:32:58.000-06:00
* new username in "update rec cred secret" step

* fix step and code formating

* fix similar command issue
diff --git a/content/operate/kubernetes/security/manage-rec-credentials.md b/content/operate/kubernetes/security/manage-rec-credentials.md
@@ -44,107 +44,111 @@ The credentials can be used to access the Redis Enterprise admin console or the
 
 1. Access a [pod](https://kubernetes.io/docs/concepts/workloads/pods/) running a Redis Enterprise cluster.
 
-    ```bash
-    kubectl exec -it <rec-resource-name>-0 bash
-    ```
+```sh
+kubectl exec -it <rec-resource-name>-0 bash
+```
 
-1. Add a new password for the existing user.
+2. Add a new password for the existing user.
+
+```bash
+REC_USER="`cat /opt/redislabs/credentials/username`" \
+REC_PASSWORD="`cat /opt/redislabs/credentials/password`" \
+curl -k --request POST \
+  --url https://localhost:9443/v1/users/password \
+  -u "$REC_USER:$REC_PASSWORD" \
+  --header 'Content-Type: application/json' \
+  --data "{\"username\":\"$REC_USER\", \
+  \"old_password\":\"$REC_PASSWORD\", \
+  \"new_password\":\"<NEW PASSWORD>\"}"
+```
 
-    ```bash
-     REC_USER="`cat /opt/redislabs/credentials/username`" \
-     REC_PASSWORD="`cat /opt/redislabs/credentials/password`" \
-     curl -k --request POST \
-       --url https://localhost:9443/v1/users/password \
-       -u "$REC_USER:$REC_PASSWORD" \
-       --header 'Content-Type: application/json' \
-       --data "{\"username\":\"$REC_USER\", \
-     \"old_password\":\"$REC_PASSWORD\", \
-     \"new_password\":\"<NEW PASSWORD>\"}"
-    ```
+3. From outside the pod, update the REC credential secret.
 
-1. From outside the pod, update the REC credential secret.
+3a. Save the existing username to a text file.
 
-    1. Save the existing username to a text file .
-        ```bash
-        echo -n "<current_username>" > username 
-        ```
+```sh
+echo -n "<current_username>" > username 
+```
 
-    1. Save the new password to a text file.
-        ```bash
-        echo -n "<new_password>" > password
-        ```
+3b. Save the new password to a text file.
 
-    1. Update the REC credential secret.
-        ```bash
-        kubectl create secret generic <cluster_secret_name> \
-          --from-file=./username \
-          --from-file=./password --dry-run \
-          -o yaml
-        kubectl apply -f 
-        ```
+```sh
+echo -n "<new_password>" > password
+```
 
-1. Wait five minutes for all the components to read the new password from the updated secret. If you proceed to the next step too soon, the account could get locked.
+3c. Update the REC credential secret.
 
-1. Access a pod running a Redis Enterprise cluster again.
+```sh
+kubectl create secret generic <cluster_secret_name> \
+  --from-file=./username \
+  --from-file=./password --dry-run \
+  -o yaml | \
+kubectl apply -f 
+```
 
-    ```bash
-    kubectl exec -it <rec-resource-name>-0 bash
-    ```
+4. Wait five minutes for all the components to read the new password from the updated secret. If you proceed to the next step too soon, the account could get locked.
 
- 1. Remove the previous password to ensure only the new one applies.
+5. Access a pod running a Redis Enterprise cluster again.
 
-    ```sh
-    REC_USER="`cat /opt/redislabs/credentials/username`"; \
-    REC_PASSWORD="`cat /opt/redislabs/credentials/password`"; \
-    curl -k --request DELETE \ 
-      --url https://localhost:9443/v1/users/password \
-      -u "$REC_USER:$REC_PASSWORD" \
-      --header 'Content-Type: application/json' \
-      --data "{\"username\":\"$REC_USER\", \
-      \"old_password\":\"<OLD PASSWORD\"}"
-    ```
+```sh
+kubectl exec -it <rec-resource-name>-0 bash
+```
+
+6. Remove the previous password to ensure only the new one applies.
 
-    {{<note>}} The username for the K8s secret is the email displayed on the Redis Enterprise admin console. {{</note>}}
+```sh
+REC_USER="`cat /opt/redislabs/credentials/username`"; \
+REC_PASSWORD="`cat /opt/redislabs/credentials/password`"; \
+curl -k --request DELETE \ 
+  --url https://localhost:9443/v1/users/password \
+  -u "$REC_USER:$REC_PASSWORD" \
+  --header 'Content-Type: application/json' \
+  --data "{\"username\":\"$REC_USER\", \
+  \"old_password\":\"<OLD PASSWORD\"}"
+```
+
+{{<note>}} The username for the K8s secret is the email displayed on the Redis Enterprise admin console. {{</note>}}
 
 ### Change both the REC username and password
 
 1. [Connect to the admin console]({{< relref "/operate/kubernetes/re-clusters/connect-to-admin-console.md" >}})
 
-1. [Add another admin user]({{< relref "/operate/rs/security/access-control/create-users" >}}) and choose a new password.
+2. [Add another admin user]({{< relref "/operate/rs/security/access-control/create-users" >}}) and choose a new password.
 
-1. Specify the new username in the `username` field of your REC custom resource spec.
+3. Specify the new username in the `username` field of your REC custom resource spec.
 
-1. Update the REC credential secret:
+4. Update the REC credential secret:
 
-    1. Save the existing username to a text file.
+4a. Save the new username to a text file.
 
-        ```bash
-        echo -n "<current_username>" > username
-        ```
+```sh
+echo -n "<new_username>" > username
+```
 
-    1. Save the new password to a text file.
+4b. Save the new password to a text file.
 
-        ```bash
-        echo -n "<new_password>" > password
-        ```
+```sh
+echo -n "<new_password>" > password
+```
 
-    1. Update the REC credential secret.
+4c. Update the REC credential secret.
 
-        ```bash
-        kubectl create secret generic <cluster_secret_name> \
-          --from-file=./username \
-          --from-file=./password --dry-run \
-          -o yaml
-        kubectl apply -f 
-        ```
+```sh
+kubectl create secret generic <cluster_secret_name> \
+  --save-config \
+  --dry-run=client \
+  --from-file=./username --from-file=./password \
+  -o yaml | \
+kubectl apply -f
+```
 
-1. Wait five minutes for all the components to read the new password from the updated secret. If you proceed to the next step too soon, the account could get locked.
+5. Wait five minutes for all the components to read the new password from the updated secret. If you proceed to the next step too soon, the account could get locked.
 
-1. Delete the previous admin user from the cluster.
+6. Delete the previous admin user from the cluster.
 
-  {{<note>}}
+{{<note>}}
 The operator may log errors in the time between updating the username in the REC spec and the secret update.
-  {{</note>}}
+{{</note>}}
 
 ### Update the credentials secret in Vault
 
