How to Use Secrets in Kubernetes

1 min readArticle
Updated at Apr 18, 2020

How to Use Secrets in Kubernetes

Kubernetes Secrets let you store and manage sensitive information like as passwords, OAuth tokens, ssh keys, etc.

With this article, you'll learn how to use them easily.

What is a Secret in Kubernetes?

A secret is an object that contains sensitive information like passwords, keys, tokens...

To use it, a Pod needs to reference it:

  • As files in a volume mounted on one or more of its containers.
  • By the kubelet when pulling images for the Pod.

Optimal way to create and mount a Secret

For me the easiest way to use Secrets is defining a YAML and reference them using envFrom/secretRef.

  1. Here is a yaml configuration file you can use to create a Secret that holds a username and a password:
apiVersion: v1
kind: Secret
  name: my-secret
  username: my-username
  password: vdg7JbgkdnRnN03e
  1. Reference the Secret (my-secret-pod.yaml):
kind: Pod
apiVersion: v1
  name: my-secret-pod
  namespace: my-namespace
    - name: my-container
      image: nginx:1.7.9
        - secretRef:
            name: my-secret
  1. Then you just need to create the Pod:
$ kubectl apply -f my-secret-pod.yaml -n my-namespace

For more information related to Secrets, please check the Kubernetes documentation.