我在一个Kubernetes中有多个秘密。所有这些都包含许多值,例如:
apiVersion: v1
kind: Secret
metadata:
name: paypal-secret
type: Opaque
data:
PAYPAL_CLIENT_ID: base64_PP_client_id
PAYPAL_SECRET: base64_pp_secret
stringData:
PAYPAL_API: https://api.paypal.com/v1
PAYPAL_HOST: api.paypal.com
例如,我很好奇如何将所有Secrets
中的所有值传递给ReplicaSet
。
我尝试了一种方法:
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: pp-debts
labels:
environment: prod
spec:
replicas: 1
selector:
matchLabels:
environment: prod
template:
metadata:
labels:
environment: prod
spec:
containers:
- name: integration-app
image: my-container-image
envFrom:
- secretRef:
name: intercom-secret
envFrom:
- secretRef:
name: paypal-secret
envFrom:
- secretRef:
name: postgres-secret
envFrom:
- secretRef:
name: redis-secret
但当我连接到pod并查看env变量时,我只能看到redis-secret
中的值。
尝试使用一个envFrom
,下面有多个条目,如下所示:
- name: integration-app
image: my-container-image
envFrom:
- secretRef:
name: intercom-secret
- secretRef:
name: paypal-secret
- secretRef:
name: postgres-secret
- secretRef:
name: redis-secret
这篇博文的底部有一个例子,作者是David Chua