-
Notifications
You must be signed in to change notification settings - Fork 40k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds a mechanism in vSphere Cloud Provider to get credentials from Kubernetes secrets #63902
Adds a mechanism in vSphere Cloud Provider to get credentials from Kubernetes secrets #63902
Conversation
//cc @kubernetes/vmware |
6edf469
to
e5e001c
Compare
/retest |
/retest |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: abrarshivani, divyenpatel The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Automatic merge from submit-queue (batch tested with PRs 63969, 63902, 63689, 63973, 63978). If you want to cherry-pick this change to another branch, please follow the instructions here. |
Question is this available as part of K8s 1.10.3? And can the Secret be Global i.e. not for specific VirtualCenter:
|
What this PR does / why we need it:
Currently, vCenter credentials are stored in plain text in vsphere.conf. This PR adds a mechanism in vSphere Cloud Provider to get vCenter credentials from Kubernetes secrets.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)
format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Internally review here: vmware-archive#484
Workflow:
Create vsphere.conf file with
secret-name
andsecret-namespace
.Launch Kubernetes cluster with vSphere Cloud Provider Configured.
Create secret with vCenter credentials.
a. Create base64 encoding for username and password:
username:
password:
b. kubectl create -f vccredentials.yaml
vSphere Cloud Provider can be used now.
Note:
Secrets info can be provided with both (old and new) vSphere Cloud provider configuration formats.
Tests Done:
Release note: