1.生成Base64编码的用户密码
# 用户
$ echo -n 'admin' | base64
YWRtaW4=
# 密码
$ echo -n 'www.linuxhub.cn' | base64
d3d3LmxpbnV4aHViLmNu
2.创建保密字典 ( Secret )
2.1创建 Secret
apiVersion: v1
kind: Secret
type: Opaque
metadata:
namespace: linuxhub
name: zeze-test
labels:
app: zeze-test
data:
user: YWRtaW4=
password: d3d3LmxpbnV4aHViLmNu
# echo -n 'admin' | base64
# echo -n 'www.linuxhub.cn' | base64
2.2.查看刚创建的 Secret
$ kubectl -n linuxhub get secret -l app=zeze-test
NAME TYPE DATA AGE
zeze-test Opaque 2 35s
2.3.查看 Secret 的明文内容
# 用户
$ printf $(kubectl get secret --namespace linuxhub zeze-test -o jsonpath="{.data.user}" | base64 --decode);echo
admin
# 密码
$ printf $(kubectl get secret --namespace linuxhub zeze-test -o jsonpath="{.data.password}" | base64 --decode);echo
www.linuxhub.cn
5.应用部署使用
5.1.部署测试程序
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: linuxhub
name: zeze-test
labels:
app: zeze-test
spec:
selector:
matchLabels:
app: zeze-test
template:
metadata:
labels:
app: zeze-test
spec:
containers:
- name: zeze-test
image: linuxhub/nginx:1.15.5
env:
- name: ADMIN_USER # 用户
valueFrom:
secretKeyRef:
key: user
name: zeze-test
- name: ADMIN_PASSWORD # 密码
valueFrom:
secretKeyRef:
key: password
name: zeze-test
5.2.查看容器内环境变量 (明文密码)
$ kubectl -n linuxhub get pod -l app=zeze-test
NAME READY STATUS RESTARTS AGE
zeze-test-56b894d6f4-rq5mb 1/1 Running 0 70s
$ kubectl -n linuxhub exec -it zeze-test-56b894d6f4-rq5mb env
ADMIN_USER=admin
ADMIN_PASSWORD=www.linuxhub.cn
网友评论