kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update encrypt-data.md

pull/24374/head
白玉堂 2020-10-05 17:18:49 +08:00 committed by GitHub
parent 763cb5f759
commit 0997416af6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
content/zh/docs/tasks/administer-cluster/encrypt-data.md
View File

@ -206,7 +206,7 @@ To create a new secret perform the following steps:
{{< caution >}} {{< caution >}}
你的配置文件包含可以解密 etcd 内容的密钥,因此你必须正确限制主控节点的访问权限, 你的配置文件包含可以解密 etcd 内容的密钥,因此你必须正确限制主控节点的访问权限,
以便只有能运行 kube-apiserver 的用户才能读取它。 以便只有能运行 kube-apiserver 的用户才能读取它。
{{< caution >}} {{< /caution >}}
<!-- <!--
## Verifying that data is encrypted ## Verifying that data is encrypted
@ -232,9 +232,8 @@ program to retrieve the contents of your secret.
2. Using the etcdctl commandline, read that secret out of etcd: 2. Using the etcdctl commandline, read that secret out of etcd:
--> -->
2. 使用 etcdctl 命令行,从 etcd 中读取 secret 2. 使用 etcdctl 命令行,从 etcd 中读取 secret
```shell ```shell
   ETCDCTL_API=3 etcdctl get /registry/secrets/default/secret1 [...] | hexdump -C ETCDCTL_API=3 etcdctl get /registry/secrets/default/secret1 [...] | hexdump -C
``` ```
<!-- <!--