Kubernetes storing key-value pair in Secret.yml

11/19/2018

I am wondering if it is possible to store a key-value pair in Secret.yml. I want to be able to store an encryption key as a value and an id as its key which I can use to retrieve the encryption key stored in Secret.yml.

Is such functionality available with Kubernetes?

EDIT I should have said in my original message, I want to be able to store multiple pairs and add pairs during the lifespan of my application and use different encryption key on the fly without/minimal update to my application.

-- boringDeveloper
kubernetes
kubernetes-secrets

3 Answers

11/19/2018

Kubernetes secret stores data as key value pair(ref: https://kubernetes.io/docs/concepts/configuration/secret/).

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  key: dmFsdWU=

Here value is base64 encoded.

-- nightfury1204
Source: StackOverflow

1/22/2019

Thank you guys for your answers. I've found using the below format in Secret.yaml works well:

encryptionKey |
KeyName: 123456abcdef
SecondKeyName: abcdef123456

I would then get the key value pairs as a Map in my Java application and treat it as such so I can, for example, search for key KeyName and get the value I need.

-- boringDeveloper
Source: StackOverflow

11/19/2018

Yes, secrets are key value pairs. You can create them using kubectl:

kubectl create secret the-secret-name --from-literal=KEY=VALUE

Then, you can look at / edit the yaml specification via

#get
kubectl get secret the-secret-name -o yaml
#edit
kubectl edit secret the-secret-name

A secret looks like this:

apiVersion: v1
kind: Secret
metadata:
  name: the-secret-name
type: Opaque
data:
   # the value is base64 encoded
   KEY: VkFMVUUK

Most of the time, it's better to use two key value pairs in your situation though. The reason for this is that it's more complicated/expensive to look for a key with an unknown name than to lookup a value under a key.

-- tback
Source: StackOverflow