I am trying to configure the
kube-apiserver so that it uses encryption to configure secrets in my minikube cluster.
For that, I have followed the documentation on kubernetes.io but got stuck at step 3 that says
--encryption-provider-config flag on the
kube-apiserver to point to the location of the config file.
I have discovered the option
minikube start and have tried starting my setup using
minikube start --extra-config=apiserver.encryption-provider-config=encryptionConf.yaml
but naturally it doesn't work as
encryptionConf.yaml is located in my local file system and not in the pod that's spun up by minikube. The error
minikube log gives me is
error: error opening encryption provider configuration file "encryptionConf.yaml": open encryptionConf.yaml: no such file or directory
What is the best practice to get the encryption configuration file onto the
kube-apiserver? Or is
minikube perhaps the wrong tool to try out these kinds of things?