Home Secrets on a Kubernetes Cluster
Post
Cancel

Secrets on a Kubernetes Cluster

In this tutorial I show you how to add secrets to a Kubernetes cluster. Secrets are a way to store sensitive information such as passwords, tokens, and keys. Kubernetes secrets are stored in base64 encoded format and can be mounted as files or environment variables in a pod. This is a great way to keep sensitive information out of your code and configuration files.

Step by Step Guide

1. Create an opaque secret

1
kubectl create secret generic my-secret

2. Base64 encode the secret value

1
echo "MySecretPassword" | base64

3. Edit the secret and populate with the base64 encoded string

1
kubectl edit secret my-secret

Create a data key with the base64 encoded string: The data key would be the variable you wish to store the secret in.

1
2
data:
  password: <base64 encode string from above>

Save and exit the editor

Press ESC and type :wq to save and exit the editor.

If you need to decode the secret, you can use the following command:

1
echo "<base64 encode string from above>" | base64 -D
This post is licensed under CC BY 4.0 by the author.