|
|
|
|
|
|
by captn3m0
2710 days ago
|
|
|
I had another question regarding encryption of secrets. The reason you've mentioned is to prevent secrets from remaining in plain-text either during transmission to/from etcd or within etcd at rest. Did you consider using https://kubernetes.io/docs/tasks/administer-cluster/encrypt-... instead? It has been there for quite some time (1.10 I think) and fixes all your concerns. (We had similar issues with storing secrets in etcd, and went with k8s encryption instead). |
|
|