Creating Secrets in Kubernetes: A Step-by-step Guide

Secrets are Kubernetes objects that hold sensitive data. Kubernetes has a built-in system for managing secrets, but it only works with the Kubernetes API and not with other tools. This blog post will show you how to create Kubernetes secrets without using Kubernetes API or any other tool.

Kubernetes Secrets allow you to store sensitive information, such as passwords, OAuth tokens, and SSH keys, in a Kubernetes cluster. Kubernetes Secrets are encrypted at rest and can only be accessed by authorized applications. Kubernetes Secrets can be used to securely provision applications and services in a Kubernetes cluster.

To create a Kubernetes Secret, you first need to create a Kubernetes Secret object. The following example shows how to create a Kubernetes Secret object for an application:

apiVersion: v1
kind: Secret
metadata:
  name: adminpass
type: kubernetes.io/basic-auth
stringData:
  username: admin
  password: justapsss

You can then use the Kubernetes Secret to provision applications and services in a Kubernetes cluster. For example, you could use the Kubernetes Secret to provide the password for accessing an application database.

The following manifest file creates a pod and provisions the above secret to the pod and an environment variable.

kind: Pod 
apiVersion: v1 
metadata:
  name: mypod
spec:
  containers:
    - name: mypod
      image: nginx:latest
      env:
        - name: ADMIN_PASS
          valueFrom: 
            secretKeyRef:
              name: adminpass
              key: password       

Once the pod is deployed the password will be available to the pod. to view the variable run the export command inside the pod.

For more posts about Kubernetes please visit the category page.


Posted

in

by