* Error while tearing down pod, "device or resource busy" on service account secret ([28750](https://github.com/kubernetes/kubernetes/issues/28750))



# v1.3.2

[Documentation](http://kubernetes.github.io) & [Examples](http://releases.k8s.io/release-1.3/examples)

## Downloads

# 설정과 환경 변수 { #settings-and-environment-variables }

많은 경우 애플리케이션에는 외부 설정이나 구성(예: secret key, 데이터베이스 자격 증명, 이메일 서비스 자격 증명 등)이 필요할 수 있습니다.

이러한 설정 대부분은 데이터베이스 URL처럼 변동 가능(변경될 수 있음)합니다. 그리고 많은 설정은 secret처럼 민감할 수 있습니다.

이 때문에 보통 애플리케이션이 읽어들이는 환경 변수로 이를 제공하는 것이 일반적입니다.

/// tip | 팁

환경 변수를 이해하려면 [환경 변수](../environment-variables.md)를 읽어보세요.

///

## 타입과 검증 { #types-and-validation }

In many cases your application could need some external settings or configurations, for example secret keys, database credentials, credentials for email services, etc.

Most of these settings are variable (can change), like database URLs. And many could be sensitive, like secrets.

For this reason it's common to provide them in environment variables that are read by the application.

/// tip

///

## 实际效果 { #see-it-in-action }

打开交互式文档：[http://127.0.0.1:8000/docs](http://127.0.0.1:8000/docs)。

### 身份验证 { #authenticate }

点击“Authorize”按钮。

使用以下凭证：

用户名：`johndoe`

密码：`secret`

<img src="/img/tutorial/security/image04.png">

通过身份验证后，显示下图所示的内容：

<img src="/img/tutorial/security/image05.png">

### 获取当前用户数据 { #get-your-own-user-data }

使用 `/users/me` 路径的 `GET` 操作。

          .isEqualTo(expected);
    }
  }

  public void testNullPointers() {
    NullPointerTester tester =
        new NullPointerTester()
            .setDefault(byte[].class, "secret key".getBytes(UTF_8))
            .setDefault(HashCode.class, HashCode.fromLong(0));
    tester.testAllPublicStaticMethods(Hashing.class);
  }

  public void testSeedlessHashFunctionEquals() throws Exception {

if [ $? -ne 0 ]; then
	echo "policy mapping missing, exiting.."
	exit_1
fi

# LDAP simple user
./mc admin user svcacct add minio2 dillon --access-key testsvc --secret-key testsvc123
if [ $? -ne 0 ]; then
	echo "adding svc account failed, exiting.."
	exit_1
fi

sleep 10

./mc idp ldap policy entities minio1
./mc idp ldap policy entities minio2

labels.ldap_memberof_attribute=memberOf Attribute
labels.notification_login=Login Page
labels.notification_search_top=Search Top Page
labels.storage_endpoint=Endpoint
labels.storage_access_key=Access Key
labels.storage_secret_key=Secret Key
labels.storage_bucket=Bucket
labels.storage_type=Type
labels.storage_type_auto=Auto
labels.storage_type_s3=S3
labels.storage_type_gcs=GCS
labels.storage_region=Region
labels.storage_project_id=Project ID

* ACTION REQUIRED: Azure cloud provider could now be configured by Kubernetes secrets and a new option `cloudConfigType` is introduced, whose candidate values are `file`, `secret` and `merge` (default is `merge`). Note that the secret is a serialized version of azure.json file with key cloud-config. And the secret name is azure-cloud-provider in kube-system namespace. To allow Azure cloud provider read this secret, the RBAC permission referred [here](https://github.com/kubernetes/kubernetes/pull/78242)...

      .assertFailure("canceled", "Canceled", "Socket closed", "Socket is closed")
  }

  @Test
  fun cancelAll() {
    val call = client.newCall(Request(server.url("/")))
    call.enqueue(callback)
    client.dispatcher.cancelAll()
    callback
      .await(server.url("/"))
      .assertFailure("canceled", "Canceled", "Socket closed", "Socket is closed")
  }

  @Test

インタラクティブドキュメントを開きます: [http://127.0.0.1:8000/docs](http://127.0.0.1:8000/docs)。

### 認証 { #authenticate }

「Authorize」ボタンをクリックします。

次の認証情報を使います:

User: `johndoe`

Password: `secret`

<img src="/img/tutorial/security/image04.png">

システムで認証されると、次のように表示されます:

<img src="/img/tutorial/security/image05.png">

### 自分のユーザーデータを取得 { #get-your-own-user-data }