Different types of Secrets and their usage scenarios
Kubernetes provides us with various types of Secrets. Behind the scenes, it uses the same storage mechanism that we saw in Chapter 1, Understanding Kubernetes Secrets Management; Secrets, once created, will be serialized and stored on etcd
. What differs is how those Secrets are handled when used. There are various types of Secrets; let us examine them one by one.
Opaque
An Opaque secret is the default secret type. Whenever we want to add a sensitive configuration, whether it is a file or a variable, it will be created as an Opaque secret.
Opaque Secrets can be used by providing key values:
$ kubectl create secret generic opaque-example-from-literals --from-literal=literal1=text-for-literal-1 $ kubectl get secret opaque-example-from-literals -o yaml apiVersion: v1 data: literal1: dGV4dC1mb3ItbGl0ZXJhbC0x kind: Secret ... type: Opaque
Opaque Secrets can also be executed by applying a YAML file:
$ kubectl...