Creating a Secret
Create an array secret YAML file in order to define the storage credentials (username and password) and address.
Important: When your storage system password is changed, be sure to also change the passwords in the corresponding secrets, particularly when LDAP is used on the storage systems.
Failing to do so causes mismatched passwords
across the storage systems and the secrets, causing the user to be locked out of the storage systems.
Note: If using the CSI Topology feature, follow the steps in Creating a Secret with topology awareness.
Use one of the following procedures to create and apply the secret:
Creating an array secret file
-
Create the secret file, similar to the following
demo-secret.yaml
:The
management_address
field can contain more than one address, with each value separated by a comma.kind: Secret apiVersion: v1 metadata: name: demo-secret namespace: default type: Opaque stringData: management_address: demo-management-address # Array management addresses username: demo-username # Array username data: password: ZGVtby1wYXNzd29yZA== # base64 array password
-
Apply the secret using the following command:
kubectl apply -f <filename>.yaml
The `secret/<secret-name> created` message is emitted.
Creating an array secret via command line
Note: This procedure is applicable for both Kubernetes and Red Hat® OpenShift®. For Red Hat OpenShift, replace kubectl
with oc
in all relevant commands.
Create the secret using the following command:
kubectl create secret generic demo-secret --from-literal=username=demo-username --from-literal=password=demo-password --from-literal=management_address=demo-management-address -n default