Added clarifying comments to secret.yaml

2024-10-13 13:34:05 +00:00 · 2017-06-08 17:42:30 +02:00 · 2017-06-08 17:42:30 +02:00 · e1082af385
commit e1082af385
parent 03e9020909
1 changed files with 31 additions and 15 deletions
--- a/k8s/configuration/secret.yaml
+++ b/k8s/configuration/secret.yaml
@ -1,7 +1,11 @@
-# All secret data should be base64 encoded before embedding them here by
+# All secret data should be base64 encoded before embedding them here.
-# using `echo "secret string" | base64 -w 0 > secret.string.b64` and then
+# Short strings can be encoded using, e.g.
-# copy the resulting value here.
+# echo "secret string" | base64 -w 0 > secret.string.b64
 # Files (e.g. certificates) can be encoded using, e.g.
 # cat cert.pem | base64 -w 0 > cert.pem.b64
 # then copy the contents of cert.pem.b64 (for example) below.
 # Ref: https://kubernetes.io/docs/concepts/configuration/secret/
 # Unused values can be set to ""
 apiVersion: v1
 kind: Secret
@ -10,8 +14,8 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  # This is the API Key obtained from MongoDB Cloud Manager
+  # Base64-encoded Agent API Key (obtained from MongoDB Cloud Manager)
-  api-key: "<b64 encoded api key>"
+  api-key: "<b64 encoded Agent API Key>"
 ---
 apiVersion: v1
 kind: Secret
@ -20,7 +24,8 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  private.key: "<b64 encoded private key>"
+  # Base64-encoded BigchainDB private key of *this* node
  private.key: "<b64 encoded BigchainDB private key>"
 ---
 apiVersion: v1
 kind: Secret
@ -29,8 +34,11 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  mdb-instance.pem: "<b64 encoded, concatanated public and private keys>"
+  # Base64-encoded, concatenated certificate and private key
-  ca.pem: "<b64 encoded CA public key>" 
+  mdb-instance.pem: "<b64 encoded, concatenated certificate and private key>"
  # Base64-encoded CA certificate (ca.crt)
  ca.pem: "<b64 encoded CA certificate>"
  # Base64-encoded MongoDB CRL
  mdb-crl.pem: "<b64 encoded CRL data>"
 ---
 apiVersion: v1
@ -40,8 +48,10 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  mdb-mon-instance.pem: "<b64 encoded, concatanated public and private keys>"
+  # Base64-encoded, concatenated certificate and private key
-  ca.pem: "<b64 encoded CA public key>" 
+  mdb-mon-instance.pem: "<b64 encoded, concatenated certificate and private key>"
  # Base64-encoded CA certificate (ca.crt)
  ca.pem: "<b64 encoded CA certificate>" 
 ---
 apiVersion: v1
 kind: Secret
@ -50,8 +60,10 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  mdb-bak-instance.pem: "<b64 encoded, concatanated public and private keys>"
+  # Base64-encoded, concatenated certificate and private key
-  ca.pem: "<b64 encoded CA public key>" 
+  mdb-bak-instance.pem: "<b64 encoded, concatenated certificate and private key>"
  # Base64-encoded CA certificate (ca.crt)
  ca.pem: "<b64 encoded CA certificate>"
 ---
 apiVersion: v1
 kind: Secret
@ -60,8 +72,10 @@ metadata:
  namespace: default
 type: Opaque
 data:
-  bdb-instance.pem: "<b64 encoded, concatanated public and private keys>"
+  # Base64-encoded, concatenated certificate and private key
-  ca.pem: "<b64 encoded CA public key>" 
+  bdb-instance.pem: "<b64 encoded, concatenated certificate and private key>"
  # Base64-encoded CA certificate (ca.crt)
  ca.pem: "<b64 encoded CA certificate>"
 ---
 apiVersion: v1
 kind: Secret
@ -70,7 +84,9 @@ metadata:
  namespace: default
 type: Opaque
 data:
  # Base64-encoded HTTPS private key
  cert.key: "<b64 encoded HTTPS private key>"
  # Base64-encoded HTTPS Signed Certificate or Certificate Chain
  cert.pem: "<b64 encoded HTTPS Signed Certificate or Certificate Chain>"
 ---
 apiVersion: v1