I am wondering if it is possible to store a key-value pair in Secret.yml. I want to be able to store an encryption key as a value and an id as its key which I can use to retrieve the encryption key stored in Secret.yml.
Is such functionality available with Kubernetes?
EDIT I should have said in my original message, I want to be able to store multiple pairs and add pairs during the lifespan of my application and use different encryption key on the fly without/minimal update to my application.
Kubernetes secret stores data as key value pair(ref: https://kubernetes.io/docs/concepts/configuration/secret/).
apiVersion: v1
kind: Secret
metadata:
name: mysecret
type: Opaque
data:
key: dmFsdWU=
Here value is base64 encoded.
Thank you guys for your answers. I've found using the below format in Secret.yaml works well:
encryptionKey |
KeyName: 123456abcdef
SecondKeyName: abcdef123456I would then get the key value pairs as a Map in my Java application and treat it as such so I can, for example, search for key KeyName and get the value I need.
Yes, secrets are key value pairs. You can create them using kubectl:
kubectl create secret the-secret-name --from-literal=KEY=VALUEThen, you can look at / edit the yaml specification via
#get
kubectl get secret the-secret-name -o yaml
#edit
kubectl edit secret the-secret-nameA secret looks like this:
apiVersion: v1
kind: Secret
metadata:
name: the-secret-name
type: Opaque
data:
# the value is base64 encoded
KEY: VkFMVUUK
Most of the time, it's better to use two key value pairs in your situation though. The reason for this is that it's more complicated/expensive to look for a key with an unknown name than to lookup a value under a key.