From 3a5d6ffe1f75041a854f7e05c8c9b71e0586f0a2 Mon Sep 17 00:00:00 2001
From: dntosas <ntosas@gmail.com>
Date: Tue, 2 Feb 2021 18:39:59 +0200
Subject: [PATCH] Docs: Fix ServiceAccountVolume proposed configuration for
 Istio

Seems that after merging https://github.com/kubernetes/kops/pull/9534
there is no need to specify paths for key-files for service Account
Token Volume Projection. Instead, current configuration proposed is
making Istio unable to verify JWT token with errors.

In this commit, we remove the paths, letting Kops handles the default
ones that are working as expected.

Signed-off-by: dntosas <ntosas@gmail.com>
---
 docs/operations/service_account_token_volumes.md | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/docs/operations/service_account_token_volumes.md b/docs/operations/service_account_token_volumes.md
index ac247ec57984f..deac8c1f0872a 100644
--- a/docs/operations/service_account_token_volumes.md
+++ b/docs/operations/service_account_token_volumes.md
@@ -9,7 +9,4 @@ Some services, such as Istio and Envoy's Secret Discovery Service (SDS), take ad
         - api
         - istio-ca
         serviceAccountIssuer: kubernetes.default.svc
-        serviceAccountKeyFile:
-        - /srv/kubernetes/server.key
-        serviceAccountSigningKeyFile: /srv/kubernetes/server.key
 ```