Skip to content

Add documentation on Snapshot secret support #189

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
saad-ali opened this issue Aug 2, 2019 · 9 comments · Fixed by #190
Closed

Add documentation on Snapshot secret support #189

saad-ali opened this issue Aug 2, 2019 · 9 comments · Fixed by #190
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.

Comments

@saad-ali
Copy link
Member

saad-ali commented Aug 2, 2019

The external-provisioner currently supports special key for specifying secret during volume provisioning. However, the https://kubernetes-csi.github.io/docs/secrets-and-credentials.html page does not document that.

So we should:

  1. Add two sub pages to the "Secrets & Credentials" page, one for external-provisioner and one for external-snapshotter to document the "special keys" supported by both CSI volume and snapshot provisioning.
  2. We should add use cases to the "Secrets & Credentials" page to document common use cases, for example:
    • For backend credential (which does not change per volume), just populate that directly in the CSI driver (does not need to go through CSI protocol.
    • For encrypting a disk or snapshot...

@oleksiys maybe a good candidate to help with 2.
@saad-ali
Copy link
Member Author

saad-ali commented Aug 2, 2019

CC @xing-yang @msau42

@saad-ali saad-ali mentioned this issue Aug 8, 2019
Merged
@saad-ali
Copy link
Member Author

PR #190 addressed 1, but did not address 2 (documenting common use cases). Will leave this bug open to track that.

@saad-ali saad-ali reopened this Aug 12, 2019
@saad-ali
Copy link
Member Author

One more item: we should better document why SP should avoid deletion secrets (user could wipe out that secret), and suggest alternatives (for backend credentials, inject directly in to CSI driver; for storage pools, also inject directly in to CSI driver and select at runtime; etc.).

This was referenced Aug 14, 2019
Closed
Closed
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 12, 2019
@xing-yang
Copy link
Contributor

/remove-lifecycle stale

@k8s-ci-robot k8s-ci-robot removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Nov 12, 2019
@fejta-bot
Copy link

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

@k8s-ci-robot k8s-ci-robot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 10, 2020
@fejta-bot
Copy link

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

@k8s-ci-robot k8s-ci-robot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Mar 11, 2020
@msau42
Copy link
Collaborator

msau42 commented Mar 11, 2020

/lifecycle frozen

@k8s-ci-robot k8s-ci-robot added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. labels Mar 11, 2020
@xing-yang
Copy link
Contributor

This is complete: https://kubernetes-csi.github.io/docs/secrets-and-credentials-volume-snapshot-class.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update Kubernetse-CSI Secret Documentation saad-ali/docs
5 participants
@xing-yang @saad-ali @k8s-ci-robot @msau42 @fejta-bot