Comments (4)
Looks like it was removed here:
a9cb5f7#diff-404b56b95be0b6ab7483e7e18d8941ca7e9b472842d844874d25b97ed14b2b2dL19-L32
For anyone also doing this right now, this was the old content of the file:
kind: EncryptionConfig
apiVersion: v1
resources:
- resources:
- secrets
providers:
- aescbc:
keys:
- name: key1
secret: ${ENCRYPTION_KEY}
- identity: {}
from kubernetes-the-hard-way.
@Stabalmo The provided command uses envsubst to create encryption-config.yaml using configs/encryption-config.yaml. The file is not present in configs.
As @JanoschDeurer stated, the instruction to create encryption-config.yaml was changed from a heredoc to using envsubst to copy configs/encryption-config.yaml to encryption-config.yaml using while replacing ${ENCRYPTION_KEY} with the value assigned from the previous command.
I think the encryption-config.yaml file should already be in the configs directory from the git repo or the instruction to create it should be added back in as a preceeding step and changing the output to the config directory instead of the current directory.
At line 17, add:
Create the
encryption-config.yaml
template file:cat > configs/encryption-config.yaml <<EOF kind: EncryptionConfig apiVersion: v1 resources: - resources: - secrets providers: - aescbc: keys: - name: key1 secret: ${ENCRYPTION_KEY} - identity: {} EOF
from kubernetes-the-hard-way.
RCA
It seems like the file was removed because it was added in .gitignore
by @kelseyhightower to make sure if a user is pushing changes to the repo the encryption-config.yaml
file with actual ENCRYPTION_KEY
is not pushed.
In recent #767 while moving to arm64 the actual configs/encryption-config.yaml
file couldn't be pushed because of .gitignore
kubernetes-the-hard-way/.gitignore
Line 11 in a9cb5f7
Solution
I have created the PR #780 to address this issue by adding the configs/encryption-config.yaml
file and update .gitignore
accordingly
from kubernetes-the-hard-way.
You have coulde to use this part https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/1.21.0/docs/06-data-encryption-keys.md#the-encryption-config-file
You need to create a file yourself
from kubernetes-the-hard-way.
Related Issues (20)
- download.txt file is missing HOT 1
- Access Denied for https://storage.googleapis.com/kubernetes-the-hard-way/cfssl/1.4.1/linux/cfssl HOT 1
- Pods can't resolve any DNS
- What does the --apiserver-count option do in kube-apiserver?
- Docs : special-purpose authorization mode link redirecting to an Error k8s page HOT 1
- More recent versions of cfssl (~1.6.4) command syntax change
- service account issuer needs to be the same on all servers
- Unknown subnet 10.200.0.0/16 causing ERROR while creating firewall rules
- kubectl get nodes lists only the worker nodes. How can i add control plane to it? HOT 1
- At what point of configuration controlplane/kube-api-server find its worker nodes for communication?
- x86_64 arch binaries support
- etcd systemd configuration missing HOT 3
- How DNS resolution happens? HOT 2
- A small error in "Bootstrapping the Kubernetes Worker Nodes" step
- Second scp for kubelet-config.yaml file overwrites
- No instructions on setting up jumpbox? HOT 1
- Facing Issue in Configuring SSH Access HOT 1
- machines.txt
- No encryption-config.yaml HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes-the-hard-way.