mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-23 19:56:01 +00:00
Add example for secrets
This commit is contained in:
parent
ad37263ab7
commit
e1885ba05f
46
examples/secrets/README.md
Normal file
46
examples/secrets/README.md
Normal file
@ -0,0 +1,46 @@
|
||||
# Secrets example
|
||||
|
||||
Following this example, you will create a secret and a pod that consumes that secret in a volume.
|
||||
|
||||
## Step Zero: Prerequisites
|
||||
|
||||
This example assumes you have a Kubernetes cluster installed and running, and that you have
|
||||
installed the ```kubectl``` command line tool somewhere in your path. Please see the [getting
|
||||
started](../../docs/getting-started-guides) for installation instructions for your platform.
|
||||
|
||||
## Step One: Create the secret
|
||||
|
||||
A secret contains a set of named byte arrays.
|
||||
|
||||
Use the `examples/secrets/secret.yaml` file to create a secret:
|
||||
|
||||
```shell
|
||||
$ kubectl create -f examples/secrets/secret.yaml
|
||||
```
|
||||
|
||||
You can use `kubectl` to see information about the secret:
|
||||
|
||||
```shell
|
||||
$ kubectl get secrets
|
||||
NAME TYPE DATA
|
||||
test-secret Opaque 2
|
||||
```
|
||||
|
||||
## Step Two: Create a pod that consumes a secret
|
||||
|
||||
Pods consume secrets in volumes. Now that you have created a secret, you can create a pod that
|
||||
consumes it.
|
||||
|
||||
Use the `examples/secrets/secret-pod.yaml` file to create a Pod that consumes the secret.
|
||||
|
||||
```shell
|
||||
$ kubectl create -f examples/secrets/secret-pod.yaml
|
||||
```
|
||||
|
||||
This pod runs a binary that displays the content of one of the pieces of secret data in the secret
|
||||
volume:
|
||||
|
||||
```shell
|
||||
$ kubectl log secret-test-pod
|
||||
2015-04-29T21:17:24.712206409Z content of file "/etc/secret-volume/data-1": value-1
|
||||
```
|
18
examples/secrets/secret-pod.yaml
Normal file
18
examples/secrets/secret-pod.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
apiVersion: v1beta3
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: secret-test-pod
|
||||
spec:
|
||||
containers:
|
||||
- name: test-container
|
||||
image: kubernetes/mounttest:0.1
|
||||
command: [ "/mt", "--file_content=/etc/secret-volume/data-1" ]
|
||||
volumeMounts:
|
||||
# name must match the volume name below
|
||||
- name: secret-volume
|
||||
mountPath: /etc/secret-volume
|
||||
volumes:
|
||||
- name: secret-volume
|
||||
secret:
|
||||
secretName: test-secret
|
||||
restartPolicy: Never
|
7
examples/secrets/secret.yaml
Normal file
7
examples/secrets/secret.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
apiVersion: v1beta3
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: test-secret
|
||||
data:
|
||||
data-1: dmFsdWUtMQ0K
|
||||
data-2: dmFsdWUtMg0KDQo=
|
Loading…
Reference in New Issue
Block a user