I inherited a Kubernetes/Docker setup, and I accidentally crashed the pod by changing something relating to the DB password.
I am trying to troubleshoot this.
I don't have much Kubernetes or Docker experience, so I'm still learning how to do things.
The value is contained inside the db-user-pass credential I believe, which is an Opaque type secret.
I'm describing it:
kubectl describe secrets/db-user-pass Name: db-user-pass Namespace: default Labels: <none> Annotations: <none> Type: Opaque Data ==== password: 16 bytes username: 13 bytes
but I have no clue how to get any data from this secret. The example on the Kubernetes site seems to assume I'll have a base64 encoded string, but I can't even seem to get that. How do I get the value for this?
If you want to access data from a Secret in a Pod, one way to do that is to have Kubernetes make the value of that Secret be available as a file inside the filesystem of one or more of the Pod's containers. To configure that, you: Create a secret or use an existing one. Multiple Pods can reference the same secret.
Kubernetes encodes the Secret data in base64 format. When you need to reveal a Secret text, you must base64-decode it. To enable containers to access Secrets, you have the option to mount the Secret as a volume.
Kubernetes stores secrets as base64 encoded strings and encrypts the data on disk. In order to save a secret in Kubernetes it must be converted to a base64 string.
You can use kubectl get secrets/db-user-pass -o yaml
or -o json
where you'll see the base64-encoded username
and password
. You can then copy the value and decode it with something like echo <ENCODED_VALUE> | base64 -D
(Mac OS X).
A more compact one-liner for this:
kubectl get secrets/db-user-pass --template={{.data.password}} | base64 -D
and likewise for the username:
kubectl get secrets/db-user-pass --template={{.data.username}} | base64 -D
Note: on GNU/Linux, the base64 flag is -d
, not -D
.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With