728x90
kubectl create secret 명령
Create a secret using specified subcommand.
사용법
Usage:
kubectl create secret [flags] [options]
Use "kubectl <command> --help" for more information about a given command.
Use "kubectl options" for a list of global command-line options (applies to all commands).yaml secret 생성
username 및 password base64로 인코딩
$ echo iacadmin | base64
aWFjYWRtaW4K$ echo MeH8KNZr71 | base64
TWVIOEtOWnI3MQo=secret1.yaml 파일 작성
vim secret1.yamlapiVersion: v1
kind: Secret
metadata:
name: mysecret
namespace: default
type: Opaque
data:
#echo iacadmin | base64
#echo MeH8KNZr71 | base64
username: aWFjYWRtaW4K
password: TWVIOEtOWnI3MQo=
# Example:
# password: {{ .Values.password | b64enc }}** 평문(planttext) 입력 시 오류 발생
$ kubectl create -f secret1.yaml
secret/mysecret created
kubectl describe secret mysecret$ kubectl describe secret mysecret
Name: mysecret
Namespace: default
Labels: <none>
Annotations: <none>
Type: Opaque
Data
====
password: 11 bytes
username: 9 bytes
kubectl get secrets mysecret -o yaml$ kubectl get secrets mysecret -o yaml
apiVersion: v1
data:
password: TWVIOEtOWnI3MQo=
username: aWFjYWRtaW4K
kind: Secret
metadata:
creationTimestamp: "2022-09-23T00:47:53Z"
name: mysecret
namespace: default
resourceVersion: "192379"
uid: 76730d2a-e790-4a40-be6f-bb3457e850e3
type: Opaqueusername 및 password base64로 디코딩
$ echo -n "aWFjYWRtaW4K" | base64 --decode$ echo -n "TWVIOEtOWnI3MQo=" | base64 --decode
MeH8KNZr71
kubectl create secret tls nginx-tls-secret --cert=nginx-tls/nginx-tls.crt --key=nginx-tls/nginx-tls.key$ kubectl create secret tls nginx-tls-secret --cert=nginx-tls/nginx-tls.crt --key=nginx-tls/nginx-tls.key
secret/nginx-tls-secret created
kubectl describe secrets nginx-tls-secret$ kubectl describe secrets nginx-tls-secret
Name: nginx-tls-secret
Namespace: default
Labels: <none>
Annotations: <none>
Type: kubernetes.io/tls
Data
====
tls.crt: 1135 bytes
tls.key: 1679 bytes728x90
'리눅스' 카테고리의 다른 글
| [kubernetes] 애플리케이션 배포 전략 (0) | 2022.09.23 |
|---|---|
| [kubernetes] kubectl create configmap 명령 (0) | 2022.09.23 |
| [kubernetes] kubectl run 명령 (0) | 2022.09.22 |
| [kubernetes] kubectl port-forward 명령 (0) | 2022.09.22 |
| [kubernetes] kubectl exec 명령 (0) | 2022.09.22 |
