Create a username and password files:
$ echo -n "admin" > ./username $ echo -n "1f2d1e2e67df" > ./password
Object with the generated secret kubectl:
$ kubectl create secret generic db-user-pass --from-file=./username --from-file=./password secret "db-user-pass" created
pod referenced Secret
apiVersion: v1 kind: Pod metadata: name: secret-env-pod spec: containers: - name: mycontainer image: redis env: - name: SECRET_USERNAME valueFrom: secretKeyRef: name: mysecret key: username - name: SECRET_PASSWORD valueFrom: secretKeyRef: name: mysecret key: password restartPolicy: Never
$ kubectl get secrets NAME TYPE DATA AGE db-user-pass Opaque 2 51s $ kubectl describe secrets/db-user-pass Name: db-user-pass Namespace: default Labels: Annotations: Type: Opaque Data ==== password: 12 bytes username: 5 bytes
Manually create SECRET
You can also yaml first to json format or create a secret objects in the file, and then create the object.
Each must be base64 encoding:
$ echo -n "admin" | base64 YWRtaW4= $ echo -n "1f2d1e2e67df" | base64 MWYyZDFlMmU2N2Rm
apiVersion: v1 kind: Secret metadata: name: mysecret type: Opaque data: username: YWRtaW4= password: MWYyZDFlMmU2N2Rm