二、Secret
1、创建账号密码
[root@k8s-master ~]# echo -n "admin" | base64 YWRtaW4= [root@k8s-master ~]# echo -n "aaa111" | base64 YWFhMTEx
2、导入到secret中
[root@k8s-master ~]# cat ser.yaml apiVersion: v1 data: username: YWRtaW4= password: YWFhMTEx #实际是base64加密 kind: Secret metadata: name: mysql-root-passwd type: Opaque
3、创建的方式
1、username.txt和password.txt文件内容如下:然后调用文件进行创建 $ cat ./username.txt admin $ cat ./password.txt 1f2d1e2e67df generic子命令可以通过本地文件、目录或者literal(键值对) $ kubectl create secret generic user --from-file=./username.txt $ kubectl create secret generic pass --from-file=./password.txt 2、直接通过键值对创建 $ kubectl create secret generic user --from-literal=username=admin $ kubectl create secret generic pass --from-literal=password=1f2d1e2e67df
4、secret 的使用
[root@k8s-master ~]# cat mypod.yaml
apiVersion: v1
kind: Pod
metadata:
name: mypod
spec:
containers:
- name: myapp
image: docker.io/ikubernetes/myapp
env:
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: mysql-root-passwd
key: username
- name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-root-passwd
key: password
[root@k8s-master ~]# kubectl apply -f mypod.yaml
pod "mypod" created
5、进入容器查看
[root@k8s-master ~]# kubectl exec -it mypod-nginx bash root@mypod-nginx:/# echo $SECRET_USERNAME admin root@mypod-nginx:/# echo $SECRET_PASSWORD aaa111 root@mypod-nginx:/#