Permalink
Cannot retrieve contributors at this time
# https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/ | |
# kubectl apply -f pod-secrets.yaml | |
# kubectl get pods | |
## check status, when pod is running | |
# kubectl exec secret-test-pod cat /etc/secret-volume/username | |
# kubectl exec secret-test-pod cat /etc/secret-volume/password | |
# kubectl exec secret-test-pod printenv SECRET_USERNAME | |
# kubectl exec secret-test-pod printenv SECRET_PASSWORD | |
## cleanup | |
# kubectl delete -f pod-secrets.yaml | |
# https://cheatsheet.dennyzhang.com/kubernetes-yaml-templates | |
apiVersion: v1 | |
kind: Secret | |
metadata: | |
name: test-secret | |
data: | |
username: bXktYXBw | |
password: Mzk1MjgkdmRnN0pi | |
--- | |
apiVersion: v1 | |
kind: Pod | |
metadata: | |
name: secret-test-pod | |
spec: | |
containers: | |
- name: test-container | |
image: nginx | |
volumeMounts: | |
# name must match the volume name below | |
- name: secret-volume | |
mountPath: /etc/secret-volume | |
env: | |
- name: SECRET_USERNAME | |
valueFrom: | |
secretKeyRef: | |
name: test-secret | |
key: username | |
- name: SECRET_PASSWORD | |
valueFrom: | |
secretKeyRef: | |
name: test-secret | |
key: password | |
# The secret data is exposed to Containers in the Pod through a Volume. | |
volumes: | |
- name: secret-volume | |
secret: | |
secretName: test-secret |