Creating a Secret
A secret is a type of resource that holds sensitive data, such as authentication and key information, required by a workload. Its content is user-defined. After creating secrets, you can use them as files or environment variables in a containerized workload.
Creating a Secret
- Log in to the cluster console. In the left navigation pane, choose 3. . You can create a secret directly or using YAML. If you want to create a secret using YAML, go to
- Click Create Secret.
Set the parameters listed in Table 1. The parameters marked with asterisks (*) are mandatory.
Table 1 Parameters for creating a secret Parameter
Description
*Name
Name of a secret, which must be unique in a namespace.
*Cluster
Select the cluster for which you want to create a secret.
*Namespace
Namespace to which the secret belongs. If you do not specify this parameter, the value default is used by default.
Description
Description of the secret.
*Type
Type of the secret you create.
- Opaque: common secret.
- kubernetes.io/dockerconfigjson: a secret that stores the authentication information required for pulling images from a private repository.
- IngressTLS: a secret that stores the certificate required by ingresses (layer-7 load balancing Services).
- Other: another type of secret, which is specified manually.
*Data
Workload secret data can be used in containers.
- If the secret is of the Opaque type:
- Click Add Data.
- Set Key and Value. The value must be encoded using Base64. For details on Base64 encoding, see Base64 Encoding.
- If the secret is of the kubernetes.io/dockerconfigjson type, enter the username and password of a private image repository.
- If the secret is of the IngressTLS type, upload a certificate file and a private key file.
Label
Labels are attached to objects such as workloads, nodes, and Services in key-value pairs.
Labels define identified attributes of these objects and can be used to manage and select objects.
- Click Add Label.
- Set Key and Value.
- Create a secret using a YAML file by clicking Create Using YAML.
To create a resource by uploading a file, ensure that the resource description file has been created. MCP supports files in JSON or YAML format. For details, see Secret Resource File Configuration.
You can import or directly write the file content in YAML or JSON format. - Click Create after the configuration is complete.
The new secret is displayed in the secret list.
Secret Resource File Configuration
This section provides a configuration example of a secret resource file.
For example, you can retrieve the username and password for a workload through a secret.
- YAML format
The content in the secret file secret.yaml is as follows. The value must be encoded using Base64. For details, see Base64 Encoding.
apiVersion: v1 kind: Secret metadata: name: mysecret #Secret name namespace: default #Namespace. The default value is default. data: username: bXktdXNlcm5hbWUK #Username, which must be encoded using Base64. password: ****** #The value must be encoded using Base64. type: Opaque #You are advised not to change this parameter value.
- JSON format
The content in the secret file secret.json is as follows:
{ "apiVersion": "v1", "kind": "Secret", "metadata": { "name": "mysecret", "namespace": "default" }, "data": { "username": "bXktdXNlcm5hbWUK", "password": "******" }, "type": "Opaque" }
Related Operations
The secret list contains system-defined secrets that can only be viewed but cannot be updated or deleted.
Operation |
Description |
---|---|
Viewing a YAML file |
Click View YAML in the row where the target secret resides to view its YAML file. |
Updating a secret |
|
Deleting a secret |
Click Delete in the row where the target secret resides. Delete the secret as prompted. |
Deleting secrets in batches |
|
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot