You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently storage class doesn't have credentials API, external-provisioner passes everything into Parameters but not into UserCredentials.
This is a problem for certain volumes such as rbd. We currently use parameters to store plaint text secret to get around this issue.
Ideally credentials should still be encoded as a K8S Secret. External provisioner needs a mechanism to get credentials from StorageClass, either through a special parameter, annotation, or new API fields, then passes these credentials into UserCredentials in CreateVolume and DeleteVolume calls.
thanks @sbezverk for his early investigation into this issue
The text was updated successfully, but these errors were encountered:
Currently storage class doesn't have credentials API, external-provisioner passes everything into Parameters but not into UserCredentials.
This is a problem for certain volumes such as rbd. We currently use parameters to store plaint text secret to get around this issue.
Ideally credentials should still be encoded as a K8S Secret. External provisioner needs a mechanism to get credentials from StorageClass, either through a special parameter, annotation, or new API fields, then passes these credentials into UserCredentials in CreateVolume and DeleteVolume calls.
thanks @sbezverk for his early investigation into this issue
The text was updated successfully, but these errors were encountered: