-
- Downloads
Added option for encrypting secrets to etcd v.2 (#2428)
* Added option for encrypting secrets to etcd * Fix keylength to 32 * Forgot the default * Rename secrets.yaml to secrets_encryption.yaml * Fix static path for secrets file to use ansible variable * Rename secrets.yaml.j2 to secrets_encryption.yaml.j2 * Base64 encode the token * Fixed merge error * Changed path to credentials dir * Update path to secrets file which is now readable inside the apiserver container. Set better file permissions * Add encryption option to k8s-cluster.yml
Showing
- inventory/sample/group_vars/k8s-cluster.yml 4 additions, 1 deletioninventory/sample/group_vars/k8s-cluster.yml
- roles/kubernetes/master/defaults/main.yml 5 additions, 0 deletionsroles/kubernetes/master/defaults/main.yml
- roles/kubernetes/master/tasks/encrypt-at-rest.yml 10 additions, 0 deletionsroles/kubernetes/master/tasks/encrypt-at-rest.yml
- roles/kubernetes/master/tasks/main.yml 3 additions, 0 deletionsroles/kubernetes/master/tasks/main.yml
- roles/kubernetes/master/templates/kubeadm-config.yaml.j2 3 additions, 0 deletionsroles/kubernetes/master/templates/kubeadm-config.yaml.j2
- roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 3 additions, 0 deletions...tes/master/templates/manifests/kube-apiserver.manifest.j2
- roles/kubernetes/master/templates/secrets_encryption.yaml.j2 11 additions, 0 deletionsroles/kubernetes/master/templates/secrets_encryption.yaml.j2
Loading
Please register or sign in to comment