Clever Geek Handbook

Kubernetes Secrets - What is the purpose of the "Opaque" type in secret definitions

In most of the examples on using secrets in Kubernet, you can find similar examples:

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  username: User
  password: **********

What is the purpose type: Opaque

in the definition above? What other types (and for what use cases) can I specify there?

+3


source to share


2 answers


type: Opaque

means that from the Kubernetes point of view, the contents of this Secret are unstructured, they can contain arbitrary key-value pairs.



On the contrary, there are secret ServiceAccount

credentials stores or those used like ImagePullSecret

. They have limited content.

+5


source


looks like its read-only value for clients, clients are not allowed to change this value.

This value MUST be considered opaque to clients and passed unchanged back to the service

This page contains data in the resourceVersion.



change

link changes here document info:

resourceVersion string An opaque value that represents an internal version of this object that clients can use to determine when objects have changed. Can be used for optimistic concurrency, change discovery, and lookup operation on a resource or resource collection. Clients should treat these values ​​as opaque and pass unmodified back to the server. They can only be valid for a specific resource or set of resources. Inhabited by the system. Only for reading. The value must be treated as opaque by clients. More information: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency

https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.9/

0


source






More articles:


All Articles