Using Secrets
Secrets work very similarly to ConfigMaps, except that they are stored as encoded text (specifically, Base64) instead of plaintext.
Creating a Secret is therefore very similar to creating a ConfigMap, with a few key differences. For starters, creating a Secret imperatively will automatically Base64-encode the data in the Secret. First, let's look at creating a Secret imperatively from a pair of files.
From files
First, let's try creating a Secret from a file (this also works with multiple files). We can do this using the kubectl create
command:
> echo -n 'mysecretpassword' > ./pass.txt > kubectl create secret generic my-secret --from-file=./pass.txt
This should result in the following output:
secret "my-secret" created
Now, let's see what our Secret looks like using kubectl describe
:
> kubectl describe secrets/db-user-pass
This command should result in the following output:
Name: ...