kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update encrypt-data.md - multi-master configuration notice 

Add short notice about multi-cluster configurations
pull/31387/head
Viacheslav Vasilyev 2022-01-18 12:40:37 +02:00 committed by GitHub
parent b599a32374
commit 0ef0c8d570
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
content/en/docs/tasks/administer-cluster/encrypt-data.md
View File

@ -27,6 +27,11 @@ The `kube-apiserver` process accepts an argument `--encryption-provider-config`
that controls how API data is encrypted in etcd. An example configuration that controls how API data is encrypted in etcd. An example configuration
is provided below. is provided below.
{{< caution >}}
**IMPORTANT:** For multi-master configurations (with two or more control plane nodes) the encryption configuration file must be the same!
Otherwise, the kube-api-server will not be able to decrypt data stored inside the key-value store.
{{< /caution >}}
## Understanding the encryption at rest configuration. ## Understanding the encryption at rest configuration.
```yaml ```yaml