Secret 最典型的使用场景，莫过于存放数据库的 Credential 信息，比如下面这个例子：

apiVersion: v1
kind: Pod
metadata:
  name: test-projected-volume 
spec:
  containers:
  - name: test-secret-volume
    image: busybox
    args:
    - sleep
    - "86400"
    volumeMounts:
    - name: mysql-cred
      mountPath: "/projected-volume"
      readOnly: true
  volumes:
  - name: mysql-cred
    projected:
      sources:
      - secret:
          name: user
      - secret:
          name: pass

这个volume的数据来源sources则是名为 user 和 pass 的 Secret 对象，分别对应的是数据库的用户名和密码。

$ cat ./username.txt
admin
$ cat ./password.txt
c1oudc0w!

$ kubectl create secret generic user --from-file=./username.txt
$ kubectl create secret generic pass --from-file=./password.txt

kubectl get secrets

[root@dock01 ~]# kubectl create  -f t003.yaml 
pod/test-projected-volume created

[root@dock01 ~]# kubectl get pods test-projected-volume
NAME                    READY   STATUS    RESTARTS   AGE
test-projected-volume   1/1     Running   0          14s

$ kubectl exec -it test-projected-volume -- /bin/sh
$ ls /projected-volume/
user
pass
$ cat /projected-volume/user
root
$ cat /projected-volume/pass
1f2d1e2e67df

/ # cd projected-volume 
/projected-volume # ls
password.txt  username.txt
/projected-volume # cat username.txt 
admin