]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4cfc002)
doc/rbd/rbd-kubernetes: mention KMS config map
authorIlya Dryomov <idryomov@gmail.com>
Mon, 19 Apr 2021 07:37:01 +0000 (09:37 +0200)
committerIlya Dryomov <idryomov@gmail.com>
Mon, 19 Apr 2021 09:52:23 +0000 (11:52 +0200)
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
doc/rbd/rbd-kubernetes.rst patch | blob | history

diff --git a/doc/rbd/rbd-kubernetes.rst b/doc/rbd/rbd-kubernetes.rst
index caaf77d648fa4067de2462016008d1ba6a0edc67..fd064bb312c5fa72e5a4e4a33d6478f6585a8c1a 100644 (file)
--- a/doc/rbd/rbd-kubernetes.rst
+++ b/doc/rbd/rbd-kubernetes.rst
@@ -114,6 +114,26 @@ Once generated, store the new `ConfigMap` object in Kubernetes::
 
         $ kubectl apply -f csi-config-map.yaml
 
+Recent versions of `ceph-csi` also require an additional `ConfigMap` object to
+define Key Management Service (KMS) provider details.  If KMS isn't set up, put
+an empty configuration in a `csi-kms-config-map.yaml` file or refer to examples
+at https://github.com/ceph/ceph-csi/tree/master/examples/kms::
+
+        $ cat <<EOF > csi-kms-config-map.yaml
+        ---
+        apiVersion: v1
+        kind: ConfigMap
+        data:
+          config.json: |-
+            {}
+        metadata:
+          name: ceph-csi-encryption-kms-config
+        EOF
+
+Once generated, store the new `ConfigMap` object in Kubernetes::
+
+        $ kubectl apply -f csi-kms-config-map.yaml
+
 Generate `ceph-csi` cephx `Secret`
 ----------------------------------
 
Unnamed repository; edit this file 'description' to name the repository.