Docker Secret

Ways to create a secret:

Using a file

docker secret create <secret_name> <file_name>

Using CLI

echo "Secret_String" | docker secret create <secret_name> -

Example:

Creating a postgres service with secret

docker service create --name postgres --secret db_username --secret db_password -e POSTGRES_PASSWORD_FILE=/run/secrets/db_password -e POSTGRES_USER_FILE=/run/secrets/db_username postgres

By default all the secrets are stored in /run/secrets/<secret_name> in the container.

Deploying a stack with secrets using docker compose yaml file

version: "3.1"

services:

# Service Name Defined as web

postgresDB:

# Pull the Image from Repository.

image: postgres:latest

# Command to use secrects in

secrets:

# define Secrets name

- db_username

- db_password

environment:

# Define environment varaibles

POSTGRES_PASSWORD_FILE: /run/secrets/db_password

POSTGRES_USER_FILE: /run/secrets/db_username

centOS:

image: centos

deploy:

replicas: 1

entrypoint: /bin/sh

stdin_open: true

tty: true

secrets:

- source: my-secret

secrets:

db_username:

file: ./postgres_user.txt

db_password:

file: ./postgres_password.txt

my-secret:

external: true # when we are using a secret that will be created using cli and not a file

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.