我在Kubernetes中有多个秘密。它们全部包含许多值,例如:
apiVersion: v1
kind: Secret
metadata:
name: paypal-secret
type: Opaque
data:
PAYPAL_CLIENT_ID: base64_PP_client_id
PAYPAL_SECRET: base64_pp_secret
stringData:
PAYPAL_API: https://api.paypal.com/v1
PAYPAL_HOST: api.paypal.com
例如,我很好奇如何将所有Secrets的所有值传递到ReplicaSet。
我尝试了这种方法:
apiVersion: apps/v1
kind: ReplicaSet
metadata:
name: pp-debts
labels:
environment: prod
spec:
replicas: 1
selector:
matchLabels:
environment: prod
template:
metadata:
labels:
environment: prod
spec:
containers:
- name: integration-app
image: my-container-image
envFrom:
- secretRef:
name: intercom-secret
envFrom:
- secretRef:
name: paypal-secret
envFrom:
- secretRef:
name: postgres-secret
envFrom:
- secretRef:
name: redis-secret
但是当我连接到pod并查看env变量时,我只能看到redis-secret中的值。
答案 0 :(得分:3)
尝试使用一个envFrom,下面有多个条目:
- name: integration-app
image: my-container-image
envFrom:
- secretRef:
name: intercom-secret
- secretRef:
name: paypal-secret
- secretRef:
name: postgres-secret
- secretRef:
name: redis-secret
https://dchua.com/2017/04/21/load-env-variables-from-configmaps-and-secrets-upon-pod-boot/底部有一个示例