GithubHelp home page GithubHelp logo

Comments (4)

JanoschDeurer avatar JanoschDeurer commented on June 16, 2024 12

Looks like it was removed here:

a9cb5f7#diff-404b56b95be0b6ab7483e7e18d8941ca7e9b472842d844874d25b97ed14b2b2dL19-L32

For anyone also doing this right now, this was the old content of the file:

kind: EncryptionConfig
apiVersion: v1
resources:
  - resources:
      - secrets
    providers:
      - aescbc:
          keys:
            - name: key1
              secret: ${ENCRYPTION_KEY}
      - identity: {}

from kubernetes-the-hard-way.

MonkadelicD avatar MonkadelicD commented on June 16, 2024 3

@Stabalmo The provided command uses envsubst to create encryption-config.yaml using configs/encryption-config.yaml. The file is not present in configs.

As @JanoschDeurer stated, the instruction to create encryption-config.yaml was changed from a heredoc to using envsubst to copy configs/encryption-config.yaml to encryption-config.yaml using while replacing ${ENCRYPTION_KEY} with the value assigned from the previous command.

I think the encryption-config.yaml file should already be in the configs directory from the git repo or the instruction to create it should be added back in as a preceeding step and changing the output to the config directory instead of the current directory.

At line 17, add:

Create the encryption-config.yaml template file:

cat > configs/encryption-config.yaml <<EOF
kind: EncryptionConfig
apiVersion: v1
resources:
  - resources:
      - secrets
    providers:
      - aescbc:
          keys:
            - name: key1
              secret: ${ENCRYPTION_KEY}
      - identity: {}
EOF

from kubernetes-the-hard-way.

chiukapoor avatar chiukapoor commented on June 16, 2024 1

RCA

It seems like the file was removed because it was added in .gitignore by @kelseyhightower to make sure if a user is pushing changes to the repo the encryption-config.yaml file with actual ENCRYPTION_KEY is not pushed.

In recent #767 while moving to arm64 the actual configs/encryption-config.yaml file couldn't be pushed because of .gitignore

kubernetes-the-hard-way/.gitignore

Line 11 in a9cb5f7

encryption-config.yaml

Solution

I have created the PR #780 to address this issue by adding the configs/encryption-config.yaml file and update .gitignore accordingly

from kubernetes-the-hard-way.

Stabalmo avatar Stabalmo commented on June 16, 2024

You have coulde to use this part https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/1.21.0/docs/06-data-encryption-keys.md#the-encryption-config-file

You need to create a file yourself

from kubernetes-the-hard-way.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.