Pod does not see secrets

Question

The pod that created in the same default namespace as it's secret does not see values from it.

Secret's file contains following:

apiVersion: v1
kind: Secret
metadata:
  name: backend-secret
data:
  SECRET_KEY: <base64 of value>
  DEBUG: <base64 of value>

After creating this secret via kubectl create -f backend-secret.yaml I'm launching pod with the following configuration:

apiVersion: v1
kind: Pod
metadata:
  name: backend
spec:
  containers:
    - image: backend
      name: backend
      ports:
        - containerPort: 8000
  imagePullSecrets:
    - name: dockerhub-credentials
  volumes:
  - name: secret
    secret:
      secretName: backend-secret

But pod crashes after trying to extract this environment variable via python's os.environ['DEBUG'] line.

How to make it work?

Answer 1

Finally, I've used these lines at Deployment.spec.template.spec.containers:

  containers:
  - name: backend
    image: zuber93/wts_backend
    imagePullPolicy: Always
    envFrom:
    - secretRef:
        name: backend-secret
    ports:
    - containerPort: 8000

Answer 2

If you mount secret as volume, it will be mounted in a defined directory where key name will be the file name. For example click here

If you want to access secrets from the environment into your pod then you need to use secret in an environment variable like following.

apiVersion: v1
kind: Pod
metadata:
  name: backend
spec:
  containers:
    - image: backend
      name: backend
      ports:
        - containerPort: 8000
      env:
      - name: DEBUG
        valueFrom:
          secretKeyRef:
            name: backend-secret
            key: DEBUG
      - name: SECRET_KEY
        valueFrom:
          secretKeyRef:
            name: backend-secret
            key: SECRET_KEY
  imagePullSecrets:
    - name: dockerhub-credentials

Ref: https://kubernetes.io/docs/concepts/configuration/secret/#using-secrets-as-environment-variables