0
点赞
收藏
分享

微信扫一扫

Secret实战

双井暮色 2023-06-15 阅读 42
generictlsdocker-registry考试认证yyds干货盘点
可选参数

generic: 通用类型,通常用于存储密码数据
tls:此类型仅用于存储私钥和证书
docker-registry: 若要保存docker仓库认证信息,就必须使用此类型创建

字面量创建secret

[root@k8smaster4 sc]# kubectl create secret generic mysqlpassword --from-literal=password=51CTO**zty

创建成功后查看

[root@k8smaster4 sc]# kubectl get secret
NAME            TYPE     DATA   AGE
mysqlpassword   Opaque   1      48s
You have mail in /var/spool/mail/root
[root@k8smaster4 sc]# kubectl describe secret mysqlpassword
Name:         mysqlpassword
Namespace:    default
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
password:  10 bytes
[root@k8smaster4 sc]#

创建Pod引用

[root@k8smaster4 sc]# cat secret-pod.yaml 
apiVersion: v1
kind: Pod
metadata:
  annotations:
    reason: practice
  creationTimestamp: 2022-02-18T18:52:05Z
  name: secret-test-pod
  labels:
    environment: test
    app: myapp
spec:
  containers:
  - name: secret-test-mysql
    image: docker.io/ikubernetes/myapp:v1
    imagePullPolicy: IfNotPresent
    ports:
    - name: http
      containerPort: 80
    env:
    - name: MYSQL_ROOT_PASSWORD
      valueFrom:
        secretKeyRef:
          name: mysqlpassword
          key: password

查看Pod引用结果

[root@k8smaster4 sc]# kubectl exec -it secret-test-pod -c secret-test-mysql -- /bin/sh
/ # printenv
MYSERVICE_SERVICE_HOST=10.106.29.205
KUBERNETES_SERVICE_PORT=443
MYAPP_SVC_PORT_80_TCP_ADDR=10.98.57.156
KUBERNETES_PORT=tcp://10.96.0.1:443
MYAPP_SVC_PORT_80_TCP_PORT=80
HOSTNAME=secret-test-pod
SHLVL=1
MYAPP_SVC_PORT_80_TCP_PROTO=tcp
HOME=/root
MYSERVICE_SERVICE_PORT=80
MYSERVICE_PORT=tcp://10.106.29.205:80
MYSQL_ROOT_PASSWORD=51CTO**zty
MYSERVICE_PORT_80_TCP_ADDR=10.106.29.205
MYAPP_SVC_PORT_80_TCP=tcp://10.98.57.156:80
MYSERVICE_PORT_80_TCP_PORT=80
MYSERVICE_PORT_80_TCP_PROTO=tcp
TERM=xterm
NGINX_VERSION=1.12.2
KUBERNETES_PORT_443_TCP_ADDR=10.96.0.1
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
KUBERNETES_PORT_443_TCP_PORT=443
KUBERNETES_PORT_443_TCP_PROTO=tcp
MYSERVICE_PORT_80_TCP=tcp://10.106.29.205:80
MYAPP_SVC_SERVICE_HOST=10.98.57.156
KUBERNETES_PORT_443_TCP=tcp://10.96.0.1:443
KUBERNETES_SERVICE_PORT_HTTPS=443
PWD=/
KUBERNETES_SERVICE_HOST=10.96.0.1
MYAPP_SVC_SERVICE_PORT=80
MYAPP_SVC_PORT=tcp://10.98.57.156:80


举报

相关推荐

Secret

kubernetes

HackTheBox-Easy-Secret国外渗透实战靶场

网络安全安全漏洞web安全系统安全计算机网络

Secret配置

secret考试认证yyds干货盘点

Secret,ConfigMap

Pod环境变量置数据kubernetes云计算

Kubernetes Secret

kubernetes容器云原生Pod敏感数据JavaScript前端开发

【云原生】kubernetes中secret原理详解与应用实战

机器学习深度学习学习人工智能机器翻译模型

(UVA) Secret Research

gitsed#includePython后端开发

secret的认识

kubernetesdocker容器

docker swarm secret

Docker敏感数据硬编码云计算

私密凭据:Secret

自动化kubernetesdocker云原生Secret
0 条评论