By environment variables

In terms of accessing Secrets inside a Pod, add env section inside the container spec as follows:

// using access-token Secret inside a Pod
# cat 2-7-2_env.yaml
apiVersion: v1
kind: Pod
metadata:
  name: secret-example-env
spec:
  containers:
  - name: ubuntu
    image: ubuntu
    command: ["/bin/sh", "-c", "while : ;do echo $ACCESS_TOKEN; sleep 10; done"]
    env:
        - name: ACCESS_TOKEN
          valueFrom:
            secretKeyRef:
              name: access-token
              key: 2-7-1_access-token

// create a pod
# kubectl create -f 2-7-2_env.yaml
pod "secret-example-env" created

In the preceding example, we expose 2-7-1_access-token key in access-token Secret as ACCESS_TOKEN environment variable, and print it out through a while infinite loop. Check the stdout via kubectl log command:

// check stdout logs
# kubectl logs -f secret-example-env
9S!g0U61699r

Note that the environment variable was exposed during Pod creation. If a new value of Secret is pushed, you'll have to re-launch/rolling-update a Pod or Deployment to reflect that.

If we describe the secret-example-env Pod, we can see that an environment variable was set to a Secret:

# kubectl describe pods secret-example-env
Name: secret-example-env
...
Environment:
      ACCESS_TOKEN: <set to the key '2-7-1_access-token' in secret 'access-token'>

Table of Contents for By environment variables

Create new playlist

Sign In

Sign Up

Table of Contents for
By environment variables