kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove obsolete, redundant secrets.md

This commit is contained in:
John Gardiner Myers 2021-12-11 20:01:55 -08:00
parent c9dcf33587
commit ac397367b7
3 changed files with 0 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/README.md
View File

@ -64,7 +64,6 @@ For a better viewing experience please check out our live documentation site at
* [`kops` updating](operations/updates_and_upgrades.md#updating-kops)
* [Label management](labels.md)
* for cluster nodes
* [Secret management](secrets.md)
* [Service Account Token Volume Projection](operations/service_account_token_volumes.md)
* [Moving from a Single Master to Multiple HA Masters](single-to-multi-master.md)
* [Upgrading Kubernetes](tutorial/upgrading-kubernetes.md)

43
docs/secrets.md
View File

@ -1,43 +0,0 @@
## Managing secrets
### get secrets
### get secret <name> -oplaintext
-oplaintext exposes the raw secret value.
### create secret
`kops create secret sshpublickey admin -i ~/.ssh/id_rsa.pub`
### delete secret
Syntax: `kops delete secret <type> <name>`
or `kops delete secret <type> <name> <id>`
The ID form can be used when there are multiple matching keys.
example:
`kops delete secret sshpublickey admin`
Note: it is currently not possible to delete secrets from the keystore that have the type "Secret"
### adding ssh credential from spec file
```yaml
apiVersion: kops.k8s.io/v1alpha2
kind: SSHCredential
metadata:
labels:
kops.k8s.io/cluster: dev.k8s.example.com
spec:
publicKey: "ssh-rsa AAAAB3NzaC1 dev@devbox"
```
## Workaround for changing secrets with type "Secret"
As it is currently not possible to modify or delete + create secrets of type "Secret" with the CLI you have to modify them directly in the kOps s3 bucket.
They are stored /clustername/secrets/ and contain the secret as a base64 encoded string. To change the secret base64 encode it with:
```echo -n 'MY_SECRET' | base64```
and replace it in the "Data" field of the file. Verify your change with get secrets and perform a rolling update of the cluster.

1
mkdocs.yml
View File

@ -83,7 +83,6 @@ nav:
- Cluster Templating: "operations/cluster_template.md"
- GPU setup: "gpu.md"
- Label management: "labels.md"
- Secret management: "secrets.md"
- Rotate Secrets: "operations/rotate-secrets.md"
- Service Account Token Volume: "operations/service_account_token_volumes.md"
- Moving from a Single Master to Multiple HA Masters: "single-to-multi-master.md"