我的书签
添加书签
移除书签secrets
Creating confidential information in a cluster
Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys. Storing confidential information in a Secret is safer and more flexible than putting it verbatim in a Pod definition or in a container image.
Note
Secrets can be created by using any one of the subcommands depending on use case.
- docker-registry
- generic
- tls
docker-registry
- Create a secret for use with a Docker registry
kubectl create secret docker-registry NAME --docker-username=user --docker-password=password --docker-email=email [--docker-server=string] [--from-literal=key1=value1] [--dry-run=server|client|none]
Example
Command
kubectl create secret docker-registry my-secret --docker-username=kubectluser --docker-password=somepassword --docker-email=kubectl@kubectl.com --from-literal=token=GGH132YYu8asbbAA
Output
$ kubectl get secretsNAME TYPE DATA AGEmy-secret Opaque 1 14s
generic
- Create a secret from a local file, directory or literal value
$ kubectl create generic NAME [--type=string] [--from-file=[key=]source] [--from-literal=key1=value1] [--dry-run=server|client|none]
Example
Input File
// file-name: simplesecret.txtkjbfkadbfkabjnaAdjna
Command
kubectl create secret generic my-secret --from-file=simplesecret.txt
Output
$ kubectl get secretsNAME TYPE DATA AGEmy-secret Opaque 1 14s
tls
- Create a secret from tls certificate and key
$ kubectl create secret tls NAME --cert=path/to/cert/file --key=path/to/key/file [--dry-run=server|client|none]
Example
Input File
# tls.certLS0tLS1CRUd...tCg==
# tls.keyLS0tLS1CRUd...0tLQo=
Command
kubectl create secret tls my-secret --cert=tls.cert --ket=tls.key
Output
$ kubectl get secretsNAME TYPE DATA AGEmy-secret Opaque 1 14s
当前内容版权归 kubernetes官网 或其关联方所有,如需对内容或内容相关联开源项目进行关注与资助,请访问 kubernetes官网 .
