Lab 5.6 - Managing Sensitive Information With Secrets

1. Login as a developer user

oc login -u developer -p rahasia https://api.openshift.podX.io:6443

2. Create a new project

oc new-project authorization-secrets

3. Create a secret with the credentials and connection information to access a MySQL database.

oc create secret generic mysql \
 --from-literal user=myuser --from-literal password=okd123 \
 --from-literal database=test_secrets --from-literal hostname=mysql

4. Deploy a database and add the secret for user and database configuration

oc new-app --name mysql \
 --docker-image registry.access.redhat.com/rhscl/mysql-57-rhel7:5.7-47

5. Verify the status of deployment

oc get pods 

#It would fail

6. Setting the mysql secret as an environment variable to the deployment configuration triggers

oc set env deployment/mysql --prefix MYSQL_ \
 --from secret/mysql

7. Verify that the mysql application was deployed successfully

oc get pods
oc rsh mysql-7cd7499d66-cl89n

# If you found `tls: internal error`, make sure that all csr approved.

8. Verify that the database works

mysql -u myuser --password=okd123 test_secrets -e 'show databases;'
exit

Daftar Materi