Secrets

An overview of the various sections of the Replicated YAML.

Looking for documentation?

For KOTS documentation, check out kots.io.

Secrets

Replicated does not externally manage secrets in Kubernetes clusters, instead being specified and used as part of the application specification. Template functions can be used to dynamically write secrets into a configuration item from config items or commands.

Kubernetes resources are created in the order they appear in the release YAML. Pods that reference secrets will not start until the secret is available. Until the secret is successfully mounted, the pod will stay in the Pending state. To reduce the amount of time the Kubernetes scheduler stays in this state, create secrets before creating pods.

Replicated does not recommend managing secrets separately from the release YAML. Secrets are provisioned in the namespace of the application release, which is subject to change between updates.