Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
48 lines (47 sloc) 1.31 KB
# https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/
# kubectl apply -f pod-secrets.yaml
# kubectl get pods
## check status, when pod is running
# kubectl exec secret-test-pod cat /etc/secret-volume/username
# kubectl exec secret-test-pod cat /etc/secret-volume/password
# kubectl exec secret-test-pod printenv SECRET_USERNAME
# kubectl exec secret-test-pod printenv SECRET_PASSWORD
## cleanup
# kubectl delete -f pod-secrets.yaml
# https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates
apiVersion: v1
kind: Secret
metadata:
name: test-secret
data:
username: bXktYXBw
password: Mzk1MjgkdmRnN0pi
---
apiVersion: v1
kind: Pod
metadata:
name: secret-test-pod
spec:
containers:
- name: test-container
image: nginx
volumeMounts:
# name must match the volume name below
- name: secret-volume
mountPath: /etc/secret-volume
env:
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: test-secret
key: username
- name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: test-secret
key: password
# The secret data is exposed to Containers in the Pod through a Volume.
volumes:
- name: secret-volume
secret:
secretName: test-secret