summaryrefslogtreecommitdiff
path: root/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
diff options
context:
space:
mode:
authorChristian Pointner <equinox@spreadspace.org>2020-01-11 03:35:03 +0100
committerChristian Pointner <equinox@spreadspace.org>2020-01-31 22:31:22 +0100
commitddc8db7956cbf68afb1bb49401827e9b55ab139f (patch)
treecd8f856d8eb9b2a723ecafe2a8185069fd0460f3 /roles/kubernetes/kubeadm/master/templates/encryption-config.j2
parentkuberntes: base installation works now (diff)
kubernetes: new/updated kubeadm master role (WIP)
Diffstat (limited to 'roles/kubernetes/kubeadm/master/templates/encryption-config.j2')
-rw-r--r--roles/kubernetes/kubeadm/master/templates/encryption-config.j213
1 files changed, 13 insertions, 0 deletions
diff --git a/roles/kubernetes/kubeadm/master/templates/encryption-config.j2 b/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
new file mode 100644
index 00000000..a69ae84b
--- /dev/null
+++ b/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
@@ -0,0 +1,13 @@
+kind: EncryptionConfiguration
+apiVersion: apiserver.config.k8s.io/v1
+resources:
+ - resources:
+ - secrets
+ providers:
+ - secretbox:
+ keys:
+{% for key in kubernetes.encryption_config_keys %}
+ - name: key{{ loop.index }}
+ secret: {{ key }}
+{% endfor %}
+ - identity: {}