Kubernetes and Secrets
This is going to be a small post since it has to deal with kubernetes and secrets. Yet it is a very useful once since adding secrets is so common yet so easy to forget (guilty as charged).
So we will cover username and password, key/values, file uploading, secrets.
Upload username and password using command line.
kubectl create secret generic accountpassword --from-literal=username=yourusername --from-literal=password=yourpassword
Upload just a key
kubectl create secret generic application-key --from-literal=key=yourusername
Upload username and password through files
printf "yourusername" > username.txt printf "yourpassword" > password.txt kubectl create secret generic accountpassword --from-file=./username.txt --from-file=./password.txt
Then let’s upload a secret. Be aware that this secret can be used with your secret rules.
kubectl create secret tls your-server-tls --key ./privkey.pem --cert ./fullchain.pem
Another step is to upload a file. This file can then be used by being mounted on your container.
kubectl create secret generic secretfile --from-file=key.json=./secret_json.yaml
Then you can mount it to the pod
spec: volumes: - name: secret-json secret: secretName: secretfile containers: - name: containername volumeMounts: - name: secret-json mountPath: /var/secrets/json
That’s all! The full docs can be found here.
|Published on System Code Geeks with permission by Emmanouil Gkatziouras, partner at our SCG program. See the original article here: Kubernetes and Secrets|
Opinions expressed by System Code Geeks contributors are their own.