A Secret is an object that contains a small amount of sensitive data such as a password, a token, or a key. Such information might otherwise be put in a Pod specification or in an image; putting it in a Secret object allows for more control over how it is used, and reduces the risk of accidental exposure.
Sign in with project-regular, enter into one project (e.g. demo-namespace), then select Configuration Center → Secrets.
1.1. Click Create Secret button, then fill in the basic information in the pop-up window. There are two ways to create a Secret, i.e. fill in the creation table and edit mode. The following mainly introduces each step within creation table. If you prefer edit mode, you can click on the edit mode button, it supports the yaml and json formats. Edit mode makes it easy for users who are used to command operations.
1.2. On the basic information page, enter the name of the Secret, you can also fill in the description as required.
Click Next when you're done.
In the Secret settings, the following 4 types are supported:
Data:
Password: hello123
Username: guest
apiVersion: v1
Data:
Tls.crt: base64 encoded cert
Tls.key: base64 encoded key
Kind: Secret
Metadata:
Name: testsecret
Namespace: default
Type: kubernetes.io/tls
Image Repository Secret (kubernetes.io/dockerconfigjson): It's used to store the authentication information of the image registry, such as the following information, see Image Registry: - Repository address: dockerhub.qingcloud.com - Username: guest - Password: 'guest' - Email: 123@test.com
Custom: Allows users to create a type (type) that is similar to the default (Opaque) type, both of them are key-value pairs.
Secrets can be mounted as data volumes or be exposed as environment variables to be used by a container in a pod.
For more information on how to use the Secret, see Quick-Start - Deploy a MySQL Application.