真题解析
Last updated
Last updated
kubectl get secret db1-test -n monitoring -o yaml
apiVersion: v1
data:
password: cGFzcw==
username: YWRtaW4=
kind: Secret
metadata:
creationTimestamp: "2024-08-01T09:17:36Z"
name: db1-test
namespace: monitoring
resourceVersion: "503232"
uid: 6c3fada7-f913-45f7-9c21-1395c0c22ec5
type: Opaque
# 由上述结果可知,加密字符串为:
# password: cGFzcw==
# username: YWRtaW4=echo -n "YWRtaW4=" | base64 -d > /home/candidate/user.txt
echo -n "cGFzcw==" | base64 -d > /home/candidate/old-password.txtkubectl create secret generic dev-mark \
--from-literal=username=production-instance \
--from-literal=password=aV7HR7nU3JLx \
-n monitoringkubectl run secret-pod --image=redis -n monitoring --dry-run=client -o yaml > secret-pod.yaml# vim secret-pod.yaml
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: null
labels:
run: secret-pod
name: secret-pod
namespace: monitoring
spec:
containers:
- image: redis
name: test-secret-container # 修改名称
resources: {}
volumeMounts: # 添加挂载
- name: secret-volume
mountPath: "/etc/test-secret"
readOnly: true
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes: # 添加挂载
- name: secret-volume
secret:
secretName: dev-mark
status: {}kubectl create -f secret-pod.yaml