Kubernetesdevops~30 mins

Why Secrets manage sensitive data in Kubernetes - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Why Secrets Manage Sensitive Data in Kubernetes

📖 Scenario: You are working on a Kubernetes cluster for a small company. You need to store sensitive information like passwords and API keys safely so that only the right parts of your applications can use them.

🎯 Goal: Learn how to create and use Kubernetes Secrets to manage sensitive data securely in your cluster.

📋 What You'll Learn

Create a Kubernetes Secret with exact key-value pairs

Add a configuration variable to reference the Secret name

Use the Secret in a Pod specification environment variable

Display the Pod environment variable to confirm Secret usage

💡 Why This Matters

🌍 Real World

Kubernetes Secrets help keep sensitive information safe and separate from application code, preventing accidental exposure.

💼 Career

Managing Secrets is a key skill for DevOps engineers and system administrators working with Kubernetes clusters.

Progress0 / 4 steps

Create a Kubernetes Secret with sensitive data

Create a Kubernetes Secret named mysecret with these exact key-value pairs: username: admin and password: s3cr3t using the kubectl command.

Kubernetes

# Your command here to create the Secret named mysecret with username and password

Need a hint?

Use kubectl create secret generic with --from-literal for each key-value pair.

Add a variable for the Secret name

Create a variable called SECRET_NAME and set it to the string mysecret.

Kubernetes

kubectl create secret generic mysecret --from-literal=username=admin --from-literal=password=s3cr3t
# Create SECRET_NAME variable with value 'mysecret'

Need a hint?

Use SECRET_NAME=mysecret to store the Secret name in a variable.

Use the Secret in a Pod environment variable

Write a Pod YAML snippet that uses the Secret named mysecret to set environment variables USERNAME and PASSWORD from the Secret keys username and password. Use the variable SECRET_NAME for the Secret name in the YAML.

Kubernetes

kubectl create secret generic mysecret --from-literal=username=admin --from-literal=password=s3cr3t
SECRET_NAME=mysecret

# Write Pod YAML snippet using SECRET_NAME to set USERNAME and PASSWORD env vars from Secret keys

Need a hint?

Use env with valueFrom.secretKeyRef referencing name: ${SECRET_NAME} and the correct keys.

Display the Pod environment variables to confirm Secret usage

Print the Pod YAML stored in the variable pod_yaml to show the environment variables set from the Secret.

Kubernetes

kubectl create secret generic mysecret --from-literal=username=admin --from-literal=password=s3cr3t
SECRET_NAME=mysecret

pod_yaml="""
apiVersion: v1
kind: Pod
metadata:
  name: secret-demo
spec:
  containers:
  - name: demo-container
    image: busybox
    command: ['sh', '-c', 'env']
    env:
    - name: USERNAME
      valueFrom:
        secretKeyRef:
          name: ${SECRET_NAME}
          key: username
    - name: PASSWORD
      valueFrom:
        secretKeyRef:
          name: ${SECRET_NAME}
          key: password
"""

# Print the pod_yaml variable below

Need a hint?

Use print(pod_yaml) to display the Pod YAML content.