Secrets

Secrets store sensitive data like passwords, tokens, or keys. They may contain one or more key value pairs.

This page is about secrets in general. For details on setting up a private registry, refer to the section on registries.

When configuring a workload, you’ll be able to choose which secrets to include. Like config maps, secrets can be referenced by workloads as either an environment variable or a volume mount.

Mounted secrets will be updated automatically unless they are mounted as subpath volumes. For details on how updated secrets are propagated, refer to the Kubernetes documentation.

Creating Secrets

In the upper left corner, click ☰ > Cluster Management.
Go to the cluster where you want to add a secret and click Explore.
Click More Resources > Core > Secrets.
Click Create.
Select the type of secret you want to create.
Select a Namespace for the secret.
Enter a Name for the secret.

Note: Kubernetes classifies secrets, certificates, and registries all as secrets, and no two secrets in a project or namespace can have duplicate names. Therefore, to prevent conflicts, your secret must have a unique name among all secrets within your workspace.
From Data, click Add to add a key-value pair. Add as many values as you need.

Tip: You can add multiple key value pairs to the secret by copying and pasting.
Click Save.

Result: Your secret is added to the project or namespace, depending on the scope you chose. You can view the secret in the Rancher UI from the Resources > Secrets view.

Mounted secrets will be updated automatically unless they are mounted as subpath volumes. For details on how updated secrets are propagated, refer to the Kubernetes documentation.

What’s Next?

Now that you have a secret added to the project or namespace, you can add it to a workload that you deploy.

For more information on adding secret to a workload, see Deploying Workloads.