I have a question and I hope anyone can help me. well, I have a deployment YAML file having a pod for an application and this app must be connected with redisDB using environment variables, I already setting the environment variables on the pod as u see here :
spec:
containers:
- name: app
image: nix/python
ports:
- containerPort: 8000
imagePullPolicy: Always
env:
- name: ENVIRONMENT
value: "DEV"
- name: HOST
value: "localhost"
- name: PORT
value: "8000"
- name: REDIS_HOST
value: "nix"
- name: REDIS_PORT
value: "6379"
- name: REDIS_DB
value: "0"
but I think it's not a best practice as a secure way, so I am thinking of defining those environments all into a secret object and referring to it under the container env. I just wanna refer to the name of the secret name and the container must read all the variables all at once not one by one. so how to make it plz ?
CodePudding user response:
Replace the env
field with this:
envFrom:
- secretRef:
name: {{ .name }}
optional: false
Set {{ .name }}
to the name of the secret object you create.
You secret object should look like this:
apiVersion: v1
kind: Secret
metadata:
name: {{ .name }}
type: Opaque
stringData:
ENVIRONMENT: "DEV"
HOST: "localhost"
PORT: "8000"
REDIS_HOST: "nix"
REDIS_PORT: "6379"
REDIS_DB: "0"