Docker Secret

From PKC
Revision as of 13:14, 29 June 2021 by Admin (talk | contribs) (→‎Use Secret in Docker Compose)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Docker secret is a way to specify parameters without showing its plain text value in Dockerfile. One of the obvious starting point is the official Docker documentation website[1].

Use Secret in Docker Compose

The following docker-compose file is an example. 

version: "3.9"

services:
   db:
     image: mysql:latest
     volumes:
       - db_data:/var/lib/mysql
     environment:
       MYSQL_ROOT_PASSWORD_FILE: /run/secrets/db_root_password
       MYSQL_DATABASE: wordpress
       MYSQL_USER: wordpress
       MYSQL_PASSWORD_FILE: /run/secrets/db_password
     secrets:
       - db_root_password
       - db_password

   wordpress:
     depends_on:
       - db
     image: wordpress:latest
     ports:
       - "8000:80"
     environment:
       WORDPRESS_DB_HOST: db:3306
       WORDPRESS_DB_USER: wordpress
       WORDPRESS_DB_PASSWORD_FILE: /run/secrets/db_password
     secrets:
       - db_password


secrets:
   db_password:
     file: db_password.txt
   db_root_password:
     file: db_root_password.txt

volumes:
    db_data:

References

  1. https://docs.docker.com/engine/swarm/secrets/
Retrieved from "https://pkc.pub/index.php?title=Docker_Secret&oldid=3669"