Cloud Docs Home > F5 Container Integrations Index

Secure sensitive information with Secrets

In Kubernetes and OpenShift, a Secret allows you to securely store and consume sensitive data in your cluster.

Tip

  • Be sure to create your Secret in the same Namespace as the resource that needs to access it.
  • If using OpenShift, substitute kubectl with oc when following the examples provided.

Add a TLS certificate and key

  1. Encode your certificate and key with base64.

  2. Add the encoded certificate and key to the Data field of the Secret as “<myCert>.crt” and “<myKey>.key”.

    data:
      tls.crt: <base64-encoded_cert>
      tls.key: <base64-encoded_key>
    

See also

See the Kubernetes documentation: Distribute Credentials Securely Using Secrets.

Pull an image from a private Docker registry

If you need to pull images from a private Docker registry, follow the instructions provided in the Kubernetes documentation:

Secure your BIG-IP credentials

Create a generic Secret containing your BIG-IP login information.

kubectl create secret generic bigip-login --namespace kube-system --from-literal=username=admin --from-literal=password=admin
secret "bigip-login" created

Verify that a Secret exists

If using standard Kubernetes, see the Kubernetes Secrets documentation.

If using OpenShift, see the OpenShift Secrets documentation.