Kubernetes - Secrets

Step-01: Introduction

  • Kubernetes Secrets let you store and manage sensitive information, such as passwords, OAuth tokens, and ssh keys.
  • Storing confidential information in a Secret is safer and more flexible than putting it directly in a Pod definition or in a container image.

Azure Kubernetes Service with Azure DevOps and Terraform

Step-02: Create Secret for MySQL DB Password

# Mac
echo -n 'dbpassword11' | base64

# URL:

Create Kubernetes Secrets manifest

apiVersion: v1
kind: Secret
  name: mysql-db-password
#type: Opaque means that from kubernetes's point of view the contents of this Secret is unstructured.
#It can contain arbitrary key-value pairs. 
type: Opaque
  # Output of echo -n 'Redhat1449' | base64
  db-password: ZGJwYXNzd29yZDEx

Step-03: Update secret in MySQL Deployment for DB Password

            - name: MYSQL_ROOT_PASSWORD
                  name: mysql-db-password
                  key: db-password

Step-04: Update secret in UWA Deployment

  • UMS means User Management Microservice
                - name: DB_PASSWORD
                      name: mysql-db-password
                      key: db-password

Step-05: Create & Test

# Create All Objects
kubectl apply -f kube-manifests/

# List Pods
kubectl get pods

# Get Public IP of Application
kubectl get svc

# Access Application
Username: admin101
Password: password101

Step-06: Clean-Up

  • Delete all k8s objects created as part of this section
    # Delete All
    kubectl delete -f kube-manifests/
    # List Pods
    kubectl get pods
    # Verify sc, pvc, pv
    kubectl get sc,pvc,pv

