Create Secrets

This section explains how to create Secrets.

Prerequisites

You should join a cluster and have the Project Resource Management permission within the cluster. For more information, refer to “Cluster Members” and “Cluster Roles”.

Steps

  1. Log in to the KubeSphere web console with a user who has the Project Resource Management permission, and access your cluster.

  2. Click Configuration > Secrets in the left navigation pane.

  3. Click Create on the page.

  4. On the Basic Information tab, set the basic information for the Secret, and then click Next.

    ParameterDescription

    Name

    The name of the Secret. The name can only contain lowercase letters, numbers, and hyphens (-), must start and end with a lowercase letter or number, and can be up to 63 characters long.

    Alias

    The alias of the Secret. Aliases can be the same for different Secrets. The alias can only contain Chinese characters, letters, numbers, and hyphens (-), cannot start or end with a hyphen (-), and can be up to 63 characters long.

    Project

    The project to which the Secret belongs.

    Description

    The description of the Secret. The description can contain any characters and can be up to 256 characters long.

  5. On the Data Settings tab, select the data type of the Secret from the Type dropdown list.

    TypeDescription

    Default

    Used to store user-defined data.

    TLS information

    Used to store TLS certificates and private keys.

    Image registry information

    Used to store the address, username, email, and password of an image registry.

    Username and password

    Used to store usernames and passwords.

  6. On the Data Settings tab, set the data for the Secret based on its type, and then click Create.

    • For the Default type of Secret, set the following parameters:

      ParameterDescription

      Data

      Set key-value pairs.

      • Click Add Data to add a key-value pair.

      • Hover over the created pair, then click pen on the right to edit the pair.

      • Hover over the created pair, then click trash-light on the right to delete the pair.

    • For the TLS information type of Secret, set the following parameters:

      ParameterDescription

      Certificate

      TLS certificate.

      Private Key

      TLS private key.

    • For the Image registry information type of Secret, set the following parameters:

      ParameterDescription

      Registry Address

      Address of the image registry. Click the dropdown list to choose either HTTP or HTTPS protocol.

      Username

      Username for accessing the image registry.

      Email

      Email of the user accessing the image registry.

      Password

      Password for accessing the image registry.

      • Click Validate to check if the password is correct.

      • Click eye/eye-closed to show/hide the password.

      Data

      Key-value pair for accessing the image registry.

    • For the Username and password type of Secret, set the following parameters:

      ParameterDescription

      Username

      User-defined username.

      Password

      User-defined password. Click eye/eye-closed to show/hide the password.

    Once the Secret is created, it will be displayed in the list of Secrets.