-
Notifications
You must be signed in to change notification settings - Fork 291
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add support for specifying vsphere credentials via secrets (#250)
- Adds new field vsphereCredentialSecret that can be specified to point to the secret that holds the credentials Resolves #9 Change-Id: I8e43864302a51386f7f11725b0a966cc9e436c59
- Loading branch information
1 parent
e1a0555
commit b5ce311
Showing
6 changed files
with
88 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
## Passing vsphere credentials | ||
For the cluster-api vsphere provider to work, the users need to provide the vsphere credentials to access the infrastructure. There are 2 ways how the users can provide these credentials. | ||
|
||
* Using kubernetes `secrets` | ||
* Create a secret that contains 2 keys namely `username` and `password` in the same namespace as the desired `Cluster` object. | ||
``` | ||
apiVersion: v1 | ||
kind: Secret | ||
metadata: | ||
name: my-vc-credentials | ||
type: Opaque | ||
data: | ||
# base64 encoded fields | ||
username: YWRtaW5pc3RyYXRvckB2c3BoZXJlLmxvY2Fs | ||
password: c2FtcGxl | ||
``` | ||
|
||
* Set the `vsphereCredentialSecret` property in the `ProviderSpec` part of the `Cluster` definition | ||
``` | ||
apiVersion: "cluster.k8s.io/v1alpha1" | ||
kind: Cluster | ||
metadata: | ||
name: sample-cluster | ||
spec: | ||
... | ||
providerSpec: | ||
value: | ||
... | ||
# Credentials provided via secrets | ||
vsphereCredentialSecret: "my-vc-credentials" | ||
``` | ||
|
||
* Using plain text credential in the `ProviderSpec` part of the `Cluster` definition | ||
``` | ||
apiVersion: "cluster.k8s.io/v1alpha1" | ||
kind: Cluster | ||
metadata: | ||
name: sample-cluster | ||
spec: | ||
... | ||
providerSpec: | ||
value: | ||
... | ||
# Credentials provided as plain text | ||
vsphereUser: "administrator@vsphere.local" | ||
vspherePassword: "sample" | ||
``` | ||
|
||
__Note:__ If `vsphereCredentialSecret` field is set to a non empty string then the controller will ignore the `vsphereUser` and `vspherePassword` fields even if they are set. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters