How to set secret data to kubernetes secrets by yaml?

I am using kubernetes to deploy a rails app to google container engine.

Follow the kubernetes secrets document: http://kubernetes.io/v1.1/docs/user-guide/secrets.html

I created a web controller file:

# web-controller.yml
apiVersion: v1
kind: ReplicationController
metadata:
  labels:
    name: web
  name: web-controller
spec:
  replicas: 2
  selector:
    name: web
  template:
    metadata:
      labels:
        name: web
    spec:
      containers:
      - name: web
        image: gcr.io/my-project-id/myapp:v1
        ports:
        - containerPort: 3000
          name: http-server
        env:
          secret:
          - secretName: mysecret

And created a secret file:

# secret.yml
apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  RAILS_ENV: production

When I run:

kubectl create -f web-controller.yml

It showed:

error: could not read an encoded object from web-controller.yml: unable to load "web-controller.yml": json: cannot unmarshal object into Go value of type []v1.EnvVar
error: no objects passed to create

Maybe the yaml format is wrong in the web-controller.yml file. Then how to write?

Answers


You need to base64 encode the value and your key must be a valid DNS label, that is, replace RAILS_ENV with, for example, rails-env. See also this end-to-end example I put together here for more details and concrete steps.


We do not currently support secrets exposed as env vars.


secret.yml

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
stringData:
  RAILS_ENV: production

stringData is the easymode version of what you're after, one thing though. you'll see the cleartext original yaml used to create the secret in the annotation (and if you used the above method that means you'll have a human readable secret in your annotation, if you use the below method you'll have the base64'd secret in your annotation), unless you follow up with the erase annotation command like so:

kubectl apply -f secret.yml kubectl annotate secret mysecret kubectl.kubernetes.io/last-applied-configuration- (the - at the end is what says to erase it) kubectl get secret mysecret -n=api -o yaml (to confirm)

Alternatively you'd do Bash# echo production | base64 cHJvZHVjdGlvbgo=

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  RAILS_ENV: cHJvZHVjdGlvbgo=

Need Your Help

Visual Studio 2010 current row highlight

visual-studio-2010 visual-studio

I'm using Productivity Power Tools' Highlight current line feature. However, I'd also like to highlight the current column (i.e. have a vertical highlighting bar).

functional testing a service

php unit-testing service phpunit

I am having trouble testing some simple services that I have in my application. This is my service method: