Merge branch 'topic/k8s-1.24'

author: Christian Pointner <equinox@spreadspace.org> 2022-05-08 02:19:02 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2022-05-08 02:19:02 +0200
commit: 382f294e9b1dbcc2cb298d6a0cc80234dffcab82 (patch)
tree: c4339e341070ef5b2012fd8a9cced42217decd62 /roles/kubernetes/kubeadm/control-plane/templates/encryption-config.j2
parent: prepare ch-dione and ch-helene for chtest k8s cluster (diff)
parent: kubernetes/kubeadm: fix kubeguard network plugin (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/roles/kubernetes/kubeadm/control-plane/templates/encryption-config.j2 b/roles/kubernetes/kubeadm/control-plane/templates/encryption-config.j2
new file mode 100644
index 00000000..345c9bf9
--- /dev/null
+++ b/roles/kubernetes/kubeadm/control-plane/templates/encryption-config.j2
@@ -0,0 +1,13 @@
+kind: EncryptionConfiguration
+apiVersion: apiserver.config.k8s.io/v1
+resources:
+  - resources:
+    - secrets
+    providers:
+    - secretbox:
+        keys:
+{% for key in kubernetes_secrets.encryption_config_keys %}
+        - name: key{{ loop.index }}
+          secret: {{ key }}
+{% endfor %}
+    - identity: {}
author	Christian Pointner <equinox@spreadspace.org>	2022-05-08 02:19:02 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2022-05-08 02:19:02 +0200
commit	382f294e9b1dbcc2cb298d6a0cc80234dffcab82 (patch)
tree	c4339e341070ef5b2012fd8a9cced42217decd62 /roles/kubernetes/kubeadm/control-plane/templates/encryption-config.j2
parent	prepare ch-dione and ch-helene for chtest k8s cluster (diff)
parent	kubernetes/kubeadm: fix kubeguard network plugin (diff)