yaml中的用户密码敏感信息一般都会采用密码存储

采用base64编码进行加密

[root@hz-95 pv]# echo -n guang | base64

emd1YW5nag==

[root@hz-95 pv]# echo -n 1q2w#E$R | base64

cat secret.ymal

apiVersion: v1

kind: Secret

metadata:

name: mysecret2

data:

username: emd1YW5nag==

password: MXEydyNF

kubectl get secret #查看已经存在的secret

[root@hz-95 pv]# kubectl get secret

NAME TYPE DATA AGE

mysecret Opaque 2 40m

mysecret1 Opaque 2 29m

mysecret2 Opaque 2 5m

mysql-pass Opaque 1 1d

regcred kubernetes.io/dockercfg 1 1d

kubectl describe secret查看具体条目的key

[root@hz-95 pv]# kubectl describe secret mysql-pass

Name: mysql-pass

Namespace: default

Labels:

Annotations:

Type: Opaque

Data

====

password: 6 bytes

如果想看具体的value,使用kubectl edit secret mysql-pass

apiVersion: v1

data:

password: MTIzNDU2

kind: Secret

metadata:

creationTimestamp: 2019-12-15T08:05:05Z

name: mysql-pass

namespace: default

resourceVersion: "2607300"

selfLink: /api/v1/namespaces/default/secrets/mysql-pass

uid: 9aafd7e2-1f11-11ea-838f-001a4a060061

type: Opaque

然后进行base64反编码

[root@hz-sb-zrrwt-199-150-95 pv]# echo -n MTIzNDU2 | base64 --decode

123456

Logo

K8S/Kubernetes社区为您提供最前沿的新闻资讯和知识内容

更多推荐