Creating a Secret
Create an array secret YAML file in order to define the storage credentials (username and password) and address.
Important: When your storage system password is changed, be sure to also change the passwords in the corresponding secrets, particularly when LDAP is used on the storage systems.
Failing to do so causes mismatched passwords across the storage systems and the secrets, causing the user to be locked out of the storage systems.
Note: If using the CSI Topology feature, follow the steps in Creating a Secret with topology awareness.
Use one of the following procedures to create and apply the secret:
Creating an array secret file
Create the secret file, similar to the following
management_addressfield can contain more than one address, with each value separated by a comma.
kind: Secret apiVersion: v1 metadata: name: demo-secret namespace: default type: Opaque stringData: management_address: demo-management-address # Array management addresses username: demo-username # Array username data: password: ZGVtby1wYXNzd29yZA== # base64 array password
Apply the secret using the following command:
kubectl apply -f <filename>.yaml
The `secret/<secret-name> created` message is emitted.
Creating an array secret via command line
Note: This procedure is applicable for both Kubernetes and Red Hat® OpenShift®. For Red Hat OpenShift, replace
oc in all relevant commands.
Create the secret using the following command:
kubectl create secret generic demo-secret --from-literal=username=demo-username --from-literal=password=demo-password --from-literal=management_address=demo-management-address -n default