All production applications require some secret information to function. Kubernetes has a pluggable secrets backend to manage these secrets. Kubernetes also provides multiple ways of using the secrets in your deployment. The ability to manage secrets and properly use the secrets backend will make your services resistant to attacks.
We have used secrets in all our deployments in previous chapters. Mostly, we passed the secrets as a string in some kind of variable, or Helm took care of creating the secrets for us. In Kubernetes, secrets are a resource just like pods and replica sets. There are no cluster-wide secrets, which can cause a number of long debugging sessions. Secrets have to be (re)created in all the namespaces where you want to use them. In this section, we'll learn how to create, decode, and use our own secrets.