This topic describes how to manage Secrets in the Container Service for Kubernetes (ACK) console.
Prerequisites
A Container Service for Kubernetes (ACK) cluster is created. For more information, see Create an ACK managed cluster.
Background information
We recommend that you use Secrets to store sensitive information in Kubernetes clusters. The information includes passwords and certificates.
Secrets are classified into the following types:
- Service account: A service account is automatically created by Kubernetes and automatically mounted to the /run/secrets/kubernetes.io/serviceaccount directory of a pod. The service account provides an identity for the pod to interact with the API server.
- Opaque: This type of Secret is encoded in Base64 and used to store sensitive information, such as passwords and certificates.
By default, you can create only Opaque Secrets in the ACK console. Opaque Secrets store map type data. Therefore, values must be encoded in Base64. You can create Secrets in the ACK console with a few clicks. Plaintext is automatically encoded in Base64.
You can also create Secrets by using the CLI. For more information, see Kubernetes Secrets.
Create a Secret
What to do next
After you create the Secret, you can perform the following operations on the Secrets page:
- Click the name of the Secret to view the basic information and details about the Secret.
Note To view the values in plaintext, click the icon in the Value column.
- Click Edit in the Actions column to modify the information of the Secret.
- Click Delete in the Actions column to delete the Secret.
Notice Do not delete Secrets that are generated when the cluster is created.