Skip to main content

Secrets, Encryption

Secrets

Secrets are a Kubernetes object that can be referenced in YAML configurations without having to expose secret information. For example, I can create a secret in K8S which contains a password, and then reference that secret in required YAML files without having to expose the real password in each one.

View secrets

kubectl get secrets

View specified secret

kubectl get secret secretname

View details about specified secret

kubectl describe secretname

Secret Types

Opaque This is the default secret type, where you can store arbitrary key-value pairs.
docker-registry Store credentials for accessing a Docker registry.
tls Store a certificate and private key.

Defining Secrets

apiVersion: v1
kind: Secret
metadata:
  name: my-secret
type: Opaque
data:
  password: cGFzc3dvcmQ=  # base64 of 'password'

Encryption

Back to top