Kubernetes - Working With Secrets

Last Updated : 30 Mar, 2023

Kubernetes Secrets are objects that are used to store secret data in base64 encoded format. Using secrets enables developers not to put confidential information in the application code. Since Secrets are created independently of the pods, there is less risk of secrets being exposed.

Uses of Secrets:

As files in a volume mounted on one or more of its containers.
As container environment variable.
By the kubelet when pulling images for the Pod.

Creating a Secret:

$ kubectl create secret generic [secret-name] \ 
--from-file=[key1]=[file1] \ 
--from-file=[key2]=[file2]

👁 creating secret

Decoding Secret:

$ kubectl get secret [secret] -o jsonpath='{.data}'

👁 encoded key-value pairs.

The above output shows encoded key-value pairs.

Decode them using echo and pipe the output to base64

$ echo '[encoded-value]' | base64 --decode

👁 decoded password.

The above output is the decoded password.

Editing Secret:

$ kubectl edit secrets <secret-name>

👁 edit secret

The config file during editing would look like this:

👁 config file

Deleting Secret:

$ kubectl delete secret <secret-name>

👁 deleting secret

Comment

Article Tags:

Technical Scripter

Kubernetes

DevOps

Technical Scripter 2022

Explore

DevOps Basics

Version Control

CI & CD

Containerization

Orchestration

Infrastructure as Code (IaC)

Monitoring and Logging

Security in DevOps

Courses

URL: https://www.geeksforgeeks.org/devops/kubernetes-working-with-secrets/