Docker 1.13 introduced a set of features that allow us to centrally manage secrets and pass them only to services that need them. They provide a much-needed mechanism to provide information that should be hidden from anyone except designated services.
A secret (at least from Docker's point of view) is a blob of data. A typical use case would be a certificate, SSH private keys, passwords, and so on. Secrets should stay secret meaning that they should not be stored unencrypted or transmitted over a network.
With all that being said, let's see them in action and continue our discussion through practical examples.
All the commands from this chapter are available in the 14-secrets.sh (https://gist.github.com/vfarcic/906d37d1964255b40af430bb03d2a72e) Gist.