Kubernetes 从redis容器访问变量
我用下面的命令创建secretredissecretKubernetes 从redis容器访问变量,kubernetes,redis,kubernetes-pod,Kubernetes,Redis,Kubernetes Pod,我用下面的命令创建secretredissecret kubectl create secret generic redis-secret --from-literal=password=0123456 kubectl exec -it secret-via-file -- redis-cli 之后,我通过文件创建podsecrets,使用redis图像,将secret nameredis secret装载在/secrets上 kubectl run secret-via-file --im
kubectl create secret generic redis-secret --from-literal=password=0123456
kubectl exec -it secret-via-file -- redis-cli
之后,我通过文件创建podsecrets,使用redis图像,将secret nameredis secret装载在/secrets上
kubectl run secret-via-file --image=redis --dry-run=client -o yaml > pod.yaml
我编辑了createpod.yaml文件
apiVersion: v1
kind: Pod
metadata:
labels:
run: secret-via-file
name: secret-via-file
spec:
containers:
- image: redis
name: secret-via-file
volumeMounts:
- name: redis-secret
mountPath: /secrets
volumes:
- name: redis-secret
secret:
secretName: redis-secret
我通过env创建了第二个pod名称secret,使用redis图像,将密码导出为密码
kubectl run secret-via-env --image=redis --dry-run=client -o yaml > pod2.yaml
我编辑了pod2.yaml文件
apiVersion: v1
kind: Pod
metadata:
labels:
run: secrets-via-env
name: secrets-via-env
spec:
containers:
- image: redis
name: secrets-via-env
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: password
我使用以下命令通过env连接到podsecrets
kubectl create secret generic redis-secret --from-literal=password=0123456
kubectl exec -it secret-via-file -- redis-cli
我试着验证这个秘密是否被安装在吊舱上。在第二个pod中,我想使用变量PASSWORD来检索指定的值(0123456)。我使用了下面的命令,但它不起作用
SECRET GET PASSWORD
尝试如下。我看到密码秘密被列为env inside pod
# create secret
kubectl create secret generic redis-secret --from-literal=password=0123456
# create pod
apiVersion: v1
kind: Pod
metadata:
labels:
run: secrets-via-env
name: secrets-via-env
spec:
containers:
- image: redis
name: secrets-via-env
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: password
# check PASSWORD secret
master $ kubectl exec -it secrets-via-env sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
# echo $PASSWORD
0123456
尝试如下。我看到密码秘密被列为env inside pod
# create secret
kubectl create secret generic redis-secret --from-literal=password=0123456
# create pod
apiVersion: v1
kind: Pod
metadata:
labels:
run: secrets-via-env
name: secrets-via-env
spec:
containers:
- image: redis
name: secrets-via-env
env:
- name: PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: password
# check PASSWORD secret
master $ kubectl exec -it secrets-via-env sh
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl kubectl exec [POD] -- [COMMAND] instead.
# echo $PASSWORD
0123456
如果执行
echo$PASSWORD
操作,则在容器内看到什么?这是输出“$PASSWORD”。您可以添加redis Secret的内容吗?如果执行echo$PASSWORD
操作,则在容器内看到什么?这是输出“$PASSWORD”.你能添加redis Secret的内容吗?内容是password=0123456