2015-07-13 20:13:09 -04:00
<!-- BEGIN MUNGE: UNVERSIONED_WARNING -->
<!-- BEGIN STRIP_FOR_RELEASE -->
2015-07-16 13:02:26 -04:00
< img src = "http://kubernetes.io/img/warning.png" alt = "WARNING"
width="25" height="25">
< img src = "http://kubernetes.io/img/warning.png" alt = "WARNING"
width="25" height="25">
< img src = "http://kubernetes.io/img/warning.png" alt = "WARNING"
width="25" height="25">
< img src = "http://kubernetes.io/img/warning.png" alt = "WARNING"
width="25" height="25">
< img src = "http://kubernetes.io/img/warning.png" alt = "WARNING"
width="25" height="25">
< h2 > PLEASE NOTE: This document applies to the HEAD of the source tree< / h2 >
If you are using a released version of Kubernetes, you should
refer to the docs that go with that version.
2015-12-14 13:37:38 -05:00
<!-- TAG RELEASE_LINK, added by the munger automatically -->
2015-07-16 13:02:26 -04:00
< strong >
2015-11-03 13:17:57 -05:00
The latest release of this document can be found
[here ](http://releases.k8s.io/release-1.1/docs/user-guide/secrets/README.md ).
2015-07-16 13:02:26 -04:00
Documentation for other releases can be found at
[releases.k8s.io ](http://releases.k8s.io ).
< / strong >
--
2015-07-13 18:15:35 -04:00
2015-07-13 20:13:09 -04:00
<!-- END STRIP_FOR_RELEASE -->
<!-- END MUNGE: UNVERSIONED_WARNING -->
2015-07-17 18:35:41 -04:00
2015-04-29 17:20:14 -04:00
# Secrets example
2015-07-24 17:52:18 -04:00
Following this example, you will create a [secret ](../secrets.md ) and a [pod ](../pods.md ) that consumes that secret in a [volume ](../volumes.md ). See [Secrets design document ](../../design/secrets.md ) for more information.
2015-04-29 17:20:14 -04:00
## Step Zero: Prerequisites
This example assumes you have a Kubernetes cluster installed and running, and that you have
2015-07-19 01:58:13 -04:00
installed the `kubectl` command line tool somewhere in your path. Please see the [getting
2015-07-14 12:37:37 -04:00
started](../../../docs/getting-started-guides/) for installation instructions for your platform.
2015-04-29 17:20:14 -04:00
## Step One: Create the secret
A secret contains a set of named byte arrays.
2015-05-22 16:50:43 -04:00
Use the [`examples/secrets/secret.yaml` ](secret.yaml ) file to create a secret:
2015-04-29 17:20:14 -04:00
2015-07-18 21:35:30 -04:00
```console
2015-07-15 13:42:59 -04:00
$ kubectl create -f docs/user-guide/secrets/secret.yaml
2015-04-29 17:20:14 -04:00
```
You can use `kubectl` to see information about the secret:
2015-07-18 21:35:30 -04:00
```console
2015-04-29 17:20:14 -04:00
$ kubectl get secrets
NAME TYPE DATA
test-secret Opaque 2
2015-06-27 06:46:09 -04:00
$ kubectl describe secret test-secret
Name: test-secret
Labels: < none >
Annotations: < none >
Type: Opaque
Data
====
data-1: 9 bytes
data-2: 11 bytes
2015-04-29 17:20:14 -04:00
```
## Step Two: Create a pod that consumes a secret
Pods consume secrets in volumes. Now that you have created a secret, you can create a pod that
consumes it.
2015-05-22 16:50:43 -04:00
Use the [`examples/secrets/secret-pod.yaml` ](secret-pod.yaml ) file to create a Pod that consumes the secret.
2015-04-29 17:20:14 -04:00
2015-07-18 21:35:30 -04:00
```console
2015-07-15 13:42:59 -04:00
$ kubectl create -f docs/user-guide/secrets/secret-pod.yaml
2015-04-29 17:20:14 -04:00
```
This pod runs a binary that displays the content of one of the pieces of secret data in the secret
2015-07-24 17:52:18 -04:00
volume:
2015-04-29 17:20:14 -04:00
2015-07-18 21:35:30 -04:00
```console
2015-06-25 04:53:45 -04:00
$ kubectl logs secret-test-pod
2015-04-29 17:20:14 -04:00
2015-04-29T21:17:24.712206409Z content of file "/etc/secret-volume/data-1": value-1
```
2015-05-14 18:12:45 -04:00
2015-07-13 20:13:09 -04:00
<!-- BEGIN MUNGE: GENERATED_ANALYTICS -->
2015-07-14 12:37:37 -04:00
[]()
2015-07-13 20:13:09 -04:00
<!-- END MUNGE: GENERATED_ANALYTICS -->
