kube/secrets

rtfd/public/kubernetes/index.rst

@@ -411,8 +411,8 @@ Pod YAML configurations
    - name: my-container
      image: my-image
      volumeMounts:
-     - name: my-volumemounts
+     - name: my-volume
-       mountPath: /etc/my-volumemounts.txt
+       mountPath: /var/lib/my-volume
    volumes:
    - name: my-volume
      configMap:
@@ -448,3 +448,91 @@ Pod YAML configurations
      envFrom:
      - configMapRef:
        name: my-configmap
+
+Secrets
+=======
+
+* generic
+* docker-registry
+* tls
+
+From:
+
+* environment variables file
+* file
+* key and value
+
+Read
+----
+
+.. code:: shell
+
+ kubectl \
+ get secrets \
+ -n my-namespace
+
+Write
+-----
+
+.. code:: shell
+
+ kubectl \
+ create secret generic my-secret \
+ --from-literal 'username=user' \
+ --from-literal 'password=1234' \
+ -n my-namespace
+
+.. code:: shell
+
+ kubectl \
+ create secret generic my-secret \
+ --from-file 'my-secret.txt' \
+ -n my-namespace
+
+.. code:: shell
+
+ kubectl \
+ create secret generic my-secret \
+ --from-env-file 'my-secret.env' \
+ -n my-namespace
+
+.. code:: shell
+
+ kubectl \
+ delete secret my-secret \
+ -n my-namespace
+
+.. code:: yaml
+
+ apiVersion: v1
+ kind: Pod
+ metadata:
+   name: my-pod
+ spec:
+   containers:
+   - name: my-container
+     image: my-image
+     volumeMounts:
+     - name: my-secret-volume
+       mountPath: /var/lib/my-secret-volume
+   volumes:
+   - name: my-secret-volume
+     secret:
+       secretName: my-secret
+
+.. code:: yaml
+
+ apiVersion: v1
+ kind: Pod
+ metadata:
+   name: my-pod
+ spec:
+   containers:
+   - name: my-container
+     image: my-image
+     env:
+     - name: username
+       valueFrom:
+         secretKeyRef:
+           name: username
+           key: username