使用Secret存储数据库密码

1.使用base64加密用户名和密码

[root@node2 ~]# echo -n "admin"|base64
YWRtaW4=
[root@node2 ~]# echo -n "Admin123"|base64
QWRtaW4xMjM=
[root@node2 ~]#

2.编写secret文件

[root@node2 ~]# cat db-secret.yaml
apiVersion: apps/v1
kind: Secret
metadata:
name: db-production
type: Opaque
data:
username: YWRtaW4=
password: QWRtaW4xMjM=
[root@node2 ~]# kubectl apply -f db-secret.yaml

3.在deploy应用中使用secret
将secret导出到环境变量中

[root@node2 ~]# cat wordpress-deploy.yaml
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: wordpress-deployment
spec:
replicas: 2
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: wordpress
visualize: "true"
spec:
containers:
- name: "wordpress"
image: "wordpress"
ports:
- containerPort: 80
env:
- name: WORDPRESS_DB_USER
valueFrom:
secretKeyRef:
name: db-production
key: username
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: db-production
key: password
[root@node2 ~]# kubectl apply -f wordpress-deploy.yaml