Kubernetes 101: "Secret" objects and storing sensitive data in Kubernetes
A Secret is a Kubernetes object that stores sensitive information such as passwords separately, instead of including it directly in the image.
By keeping the "secret" information in a separate object, we can attach two copies of the same image to different Secret objects without building a new image from scratch for each set of "secret" information.
Creating a secret object:
We can use the below command to create a secret object "password_1" from a file "passwords.txt":
Secret object for TLS information:
We could also use a secret object to store TLS keys and certificates using the below command:
Below is an example of a secret object YAML configuration file:
Then we create our secret object using the below command:
The secret object values are Base64 encoded.
Encoding our data for the secret object YAML file:
To encode our data, we use a Linux program called "base64" to encode the "username=root" and the "password=root_password" used in the above secret object YAML configuration file:
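The encoding step described above, as an added example that is not part of the original post: it encodes the `root` / `root_password` values from the text, writes them into a Secret manifest, and decodes them again to show that Base64 needs no key to reverse. The secret name `db-credentials` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; db-credentials and the function names are hypothetical.

# Base64-encode a value exactly as given. printf '%s' avoids the trailing
# newline that `echo` appends, which would otherwise become part of the secret.
b64enc() {
    printf '%s' "$1" | base64 | tr -d '\n'   # tr removes base64 line wrapping
}

# Decode a value. No key is involved: anyone who can read the manifest
# (or the Secret object itself) can recover the plaintext this way.
b64dec() {
    printf '%s' "$1" | base64 -d
}

# Emit an Opaque Secret manifest for a username/password pair.
make_secret_manifest() {
    name=$1 user=$2 pass=$3
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $name
type: Opaque
data:
  username: $(b64enc "$user")
  password: $(b64enc "$pass")
EOF
}

# Values taken from the text above.
make_secret_manifest db-credentials root root_password

# Round trip: the "encoded" password is trivially readable.
b64dec "$(b64enc root_password)"; echo

# Pitfall: echo adds a newline, so this encodes "root\n", not "root".
echo root | base64
```

The manifest printed by `make_secret_manifest` can be saved to a file or piped to `kubectl apply -f -` on a machine with cluster access.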