방법1. valueFrom을 사용하여 참조
#valueFrom을 사용하여 참조
apiVersion: v1
kind: Pod
metadata:
name: secret-test-pod
spec:
containers:
- name: secret-test-container
image: nginx
env:
- name: USER_NAME
valueFrom:
secretKeyRef:
name: app-secret
key: username
- name: USER_PASSWORD
valueFrom:
secretKeyRef:
name: app-secret
key: password
#컨테이너 환경변수 확인
kubectl exec <pod명> <컨테이너명> -- <명령어>
kubectl exec secret-test-pod nginx -- printenv | grep USER_NAME
USER_NAME=admin
kubectl exec secret-test-pod nginx -- printenv | grep USER_PASSWORD
USER_PASSWORD=cGFzc3dvcmQxMjM0
방법2. envFrom을 사용하여 참조
#secret의 data전체를 참조
apiVersion: v1
kind: Pod
metadata:
name: secret-test-pod
spec:
containers:
- name: secret-test-container
image: nginx
envFrom:
- secretRef:
name: app-secret
#컨테이너 환경변수확인
kubectl exec secret-test-pod nginx -- printenv | grep username
username=admin
kubectl exec secret-test-pod nginx -- printenv | grep password
password=cGFzc3dvcmQxMjM0
방법3. secret을 볼륨으로 마운트하여 사용
#정의파일
apiVersion: v1
kind: Pod
metadata:
name: secret-test-pod
spec:
volumes:
- name: secret-volume
secret:
secretName: app-secret
containers:
- name: secret-test-container
image: nginx
volumeMounts:
- name: secret-volume
readOnly: true
mountPath: "/etc/secret"
#파일 확인
kubectl exec secret-test-pod nginx -- ls /etc/secret/
password
username
#secret값 확인
kubectl exec secret-test-pod nginx -- cat /etc/secret/username
admin
kubectl exec secret-test-pod nginx -- cat /etc/secret/password
cGFzc3dvcmQxMjM0
'ops > kubernetes' 카테고리의 다른 글
| 리소스 정의파일에서 configmap 사용하기 (0) | 2026.01.07 |
|---|---|
| configmap 생성하기 (0) | 2026.01.07 |
| secret 생성하기 (0) | 2026.01.07 |
| 실행중인 컨테이너 접속 (0) | 2026.01.02 |
| pod 관련 명령어 (0) | 2025.12.26 |