Kubernetes Cluster Configuration Concepts: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 9: | Line 9: | ||
{{Internal|Kubernetes Secrets Operations|Secrets Operations}} | {{Internal|Kubernetes Secrets Operations|Secrets Operations}} | ||
A secret is a mechanism, backed by a Kubernetes [[Kubernetes_Concepts#API_Resources|API resource]], that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. | A secret is a mechanism, backed by a Kubernetes [[Kubernetes_Concepts#API_Resources|API resource]], that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. An individual secret contains a small amount of data, limited to 1 MiB - this is to discourage creation of very large secrets that would exhaust API server and kubelet memory. | ||
Revision as of 16:37, 22 August 2019
Internal
Secrets
Secrets Operations
A secret is a mechanism, backed by a Kubernetes API resource, that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. An individual secret contains a small amount of data, limited to 1 MiB - this is to discourage creation of very large secrets that would exhaust API server and kubelet memory.