mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

The chapter 'Generating the Data Encryption Config and Key' is updated.

pull/443/head
Pick1a1username 2019-02-16 18:10:11 +09:00
parent 907165bba8
commit 186bb92640
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
docs/06-data-encryption-keys.md
View File

@ -9,7 +9,7 @@ In this lab you will generate an encryption key and an [encryption config](https
Generate an encryption key: Generate an encryption key:
``` ```
ENCRYPTION_KEY=$(head -c 32 /dev/urandom | base64) $ ENCRYPTION_KEY=$(head -c 32 /dev/urandom | base64)
``` ```
## The Encryption Config File ## The Encryption Config File
@ -17,7 +17,7 @@ ENCRYPTION_KEY=$(head -c 32 /dev/urandom | base64)
Create the `encryption-config.yaml` encryption config file: Create the `encryption-config.yaml` encryption config file:
``` ```
cat > encryption-config.yaml <<EOF $ cat > encryption-config.yaml <<EOF
kind: EncryptionConfig kind: EncryptionConfig
apiVersion: v1 apiVersion: v1
resources: resources:
@ -35,8 +35,9 @@ EOF
Copy the `encryption-config.yaml` encryption config file to each controller instance: Copy the `encryption-config.yaml` encryption config file to each controller instance:
``` ```
for instance in controller-0 controller-1 controller-2; do $ USERNAME=<User Name of Virtual Machines>
gcloud compute scp encryption-config.yaml ${instance}:~/ $ for num in 1 2 3; do
scp -i ~/.ssh/id_rsa-k8s.pub encryption-config.yaml ${USERNAME}@10.240.0.1${num}:~/
done done
``` ```