CKA考试题[Secret]

创建一个secret,使用以下:

名字:super-secret

credential:bob

创建一个pod名为pod-secrets-via-file 使用redis镜像,挂载名为super-secret的 挂载路径/secrets

使用redis镜像创建第二个Pod名称Pod-secrets-via-env, 导出为 CREDENTIALS
 

解答:

(1).创建secret(https://kubernetes.io/docs/concepts/configuration/secret/)

kubectl create secret generic super-secret  --from-literal=credential=bob

对应的yaml

apiVersion: v1
data:
  credential: Ym9i
kind: Secret
metadata:
  creationTimestamp: null
  name: super-secret

(2).创建pod-secrets-via-file (https://kubernetes.io/docs/concepts/configuration/secret/)

apiVersion: v1
kind: Pod
metadata:
  name: pod-secrets-via-file
spec:
  containers:
  - name: mypod
    image: redis
    volumeMounts:
    - name: foo
      mountPath: "/secrets"
      readOnly: true
  volumes:
  - name: foo
    secret:
      secretName: super-secret

(3).Pod-secrets-via-env (https://kubernetes.io/docs/concepts/configuration/secret/)

apiVersion: v1
kind: Pod
metadata:
  name: Pod-secrets-via-env
spec:
  containers:
  - name: mycontainer
    image: redis
    env:
      - name: CREDENTIALS
        valueFrom:
          secretKeyRef:
            name:  super-secret
            key: credential


 

上一篇:机器学习模型评价(Evaluating Machine Learning Models)-主要概念与陷阱


下一篇:CentOS7.5 使用Docker部署Jumpserver