apiVersion: v1
kind: Pod
metadata:
name: test-projected-volume
spec:
containers:
- name: test-secret-volume
image: busybox
args:
- sleep
- "86400"
volumeMounts:
- name: mysql-cred
mountPath: "/projected-volume"
readOnly: true
volumes:
- name: mysql-cred
projected:
sources:
- secret:
name: user
- secret:
name: pass
$ cat ./username.txt
admin
$ cat ./password.txt
c1oudc0w!
$ kubectl create secret generic user --from-file=./username.txt
$ kubectl create secret generic pass --from-file=./password.txt
[root@dock01 ~]# kubectl get secrets
NAME TYPE DATA AGE
default-token-2sd4w kubernetes.io/service-account-token 3 4d7h
pass Opaque 1 15s
user Opaque 1 21s
kubectl create -f
[root@dock01 ~]# cat test-projected-volume1.yaml
apiVersion: v1
kind: Pod
metadata:
name: test-projected-volume
spec:
containers:
- name: test-secret-volume01
image: busybox
args:
- sleep
- "86400"
volumeMounts:
- name: mysql-cred
mountPath: "/projected-volume"
readOnly: true
volumes:
- name: mysql-cred
projected:
sources:
- secret:
name: user
- secret:
name: pass
kubectl create -f test-projected-volume1.yaml
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 80s default-scheduler Successfully assigned default/test-projected-volume to dock02
Normal Pulling 79s kubelet Pulling image "busybox"
Normal Pulled 68s kubelet Successfully pulled image "busybox" in 11.577376443s
Normal Created 67s kubelet Created container test-secret-volume01
Normal Started 67s kubelet Started container test-secret-volume01
[root@dock01 ~]# kubectl describe pod test-projected-volume
kubectl exec -it test-projected-volume -- /bin/sh
/ # cat /projected-volume/username.txt
admin
/ # cat /projected-volume/password.txt
c1oudc0w!