Permalink
Cannot retrieve contributors at this time
| # https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/ | |
| # kubectl apply -f pod-secrets.yaml | |
| # kubectl get pods | |
| ## check status, when pod is running | |
| # kubectl exec secret-test-pod cat /etc/secret-volume/username | |
| # kubectl exec secret-test-pod cat /etc/secret-volume/password | |
| # kubectl exec secret-test-pod printenv SECRET_USERNAME | |
| # kubectl exec secret-test-pod printenv SECRET_PASSWORD | |
| ## cleanup | |
| # kubectl delete -f pod-secrets.yaml | |
| # https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates | |
| apiVersion: v1 | |
| kind: Secret | |
| metadata: | |
| name: test-secret | |
| data: | |
| username: bXktYXBw | |
| password: Mzk1MjgkdmRnN0pi | |
| --- | |
| apiVersion: v1 | |
| kind: Pod | |
| metadata: | |
| name: secret-test-pod | |
| spec: | |
| containers: | |
| - name: test-container | |
| image: nginx | |
| volumeMounts: | |
| # name must match the volume name below | |
| - name: secret-volume | |
| mountPath: /etc/secret-volume | |
| env: | |
| - name: SECRET_USERNAME | |
| valueFrom: | |
| secretKeyRef: | |
| name: test-secret | |
| key: username | |
| - name: SECRET_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| name: test-secret | |
| key: password | |
| # The secret data is exposed to Containers in the Pod through a Volume. | |
| volumes: | |
| - name: secret-volume | |
| secret: | |
| secretName: test-secret |