Secret
Contents
Securly stores a piece of information in a cluster, such as a database password.
Documentation
Secret Definition
Using kubectl
kubectl create secret generic <secret-name> --from-literal <key>=<value>
kubectl create secret generic my-password --from-literal=password=mysqlpassword
Create a Secret from a File
echo mysqlpassword | base64 → bXlzcWxwYXNzd29yZAo=
echo -n 'bXlzcWxwYXNzd29yZAo=' > password.txt
kubectl create secret generic my-file-password --from-file=password.txt
Note: types fo secret
- generic → key-value pairs
- docker-registry → credentials for accessing docker registry
- tls → tls keys
Using file
data → Base64 encoded
echo mysqlpassword | base64 → bXlzcWxwYXNzd29yZAo=
apiVersion: v1 kind: Secret metadata: name: my-password type: Opaque data: password: bXlzcWxwYXNzd29yZAo=
stringData → plain text secret
apiVersion: v1 kind: Secret metadata: name: my-password type: Opaque stringData: password: mysqlpassword
Use Secrets Inside Pods
....
spec:
containers:
- image: wordpress:4.7.3-apache
name: wordpress
env:
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: my-password
key: password
....