Secrets
Kubernetes secret objects let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys. Putting this information in a secret is safer and more flexible than putting it verbatim in a Pod definition or in a container image.
A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in an image; putting it in a Secret object allows for more control over how it is used, and reduces the risk of accidental exposure.
Resources
-
Image Pull Secrets
Install
mkdocs-materialwithpipand get up and running in minutes -
It's just Markdown
Focus on your content and generate a responsive and searchable static site
References
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
username: YWRtaW4=
stringData:
admin: administrator
apiVersion: v1
kind: Secret
metadata:
name: mysecret-config
type: Opaque
stringData:
config.yaml: |-
apiUrl: "https://my.api.com/api/v1"
username: token
password: thesecrettoken
apiVersion: v1
kind: Pod
metadata:
name: my-pod
spec:
containers:
- name: my-app
image: bitnami/nginx
ports:
- containerPort: 8080
env:
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: mysecret
key: username
envFrom:
- secretRef:
name: mysecret
volumeMounts:
- name: config
mountPath: "/etc/secrets"
volumes:
- name: config
secret:
secretName: mysecret-config
Create files needed for rest of example
Creating Secret from files
Getting Secret
Gets the Secret's Description
Create files needed for rest of example
Creates the Secret from the files Gets the Secret Gets the Secret's Description