Kubernetes Cluster Configuration Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
No edit summary
Line 5: Line 5:
=<span id='Secret'></span>Secrets=
=<span id='Secret'></span>Secrets=
{{External|[https://kubernetes.io/docs/concepts/configuration/secret/ Secrets]}}
{{External|[https://kubernetes.io/docs/concepts/configuration/secret/ Secrets]}}
==Secrets Operations==
{{Internal|Kubernetes Secrets Operations|Secrets Operations}}


A secret is a mechanism, backed by a Kubernetes [[Kubernetes_Concepts#API_Resources|API resource]], that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. An individual secret contains a small amount of data, limited to 1 MiB - this is to discourage creation of very large secrets that would exhaust API server and kubelet memory.
A secret is a mechanism, backed by a Kubernetes [[Kubernetes_Concepts#API_Resources|API resource]], that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. An individual secret contains a small amount of data, limited to 1 MiB - this is to discourage creation of very large secrets that would exhaust API server and kubelet memory.


A pod must explicitly reference a secret in its manifest to access it. If that does not happen, the system will not initialize the infrastructure that exposes the information to the pod.
A pod must explicitly reference a secret in its manifest to access it. If that does not happen, the system will not initialize the infrastructure that exposes the information to the pod.
==Secrets Operations==
{{Internal|Kubernetes Secrets Operations|Secrets Operations}}

Revision as of 16:40, 22 August 2019

Internal

Secrets

Secrets

A secret is a mechanism, backed by a Kubernetes API resource, that allows applications running on a Kubernetes cluster to safely manage, store and access security-sensitive information such as passwords, OAuth tokens and ssh keys. This mechanism provides a better alternative to placing that information in a container image or in the pod metadata. An individual secret contains a small amount of data, limited to 1 MiB - this is to discourage creation of very large secrets that would exhaust API server and kubelet memory.

A pod must explicitly reference a secret in its manifest to access it. If that does not happen, the system will not initialize the infrastructure that exposes the information to the pod.

Secrets Operations

Secrets Operations