Creating a Secret
Create an array Secret YAML file to define the storage credentials (username and password) and address for use with Ceph File Systems (CephFS) for Ceph-CSI driver.
Before you begin
- Kubernetes Administrator permissions.
- Ceph Manager (
ceph-mgr) permissions. For more information, see User roles and permissions. - userID and userKey for your username or role. If needed, get the unique generated key, by using the ceph auth get-or-create and ceph auth get-or-create-key commands. Encode the generated values with the following Base64 commands:
For more information about getting the unique generated values, see Adding Ceph user in the IBM Storage Ceph documentation.echo -nUSER_ID| base64 echo -nUSER_KEY| base64
About this task
Important: When your storage system password is changed, be sure to also change the passwords in the corresponding Secrets, particularly when LDAP is used on the storage systems.
Failing to do so causes mismatched passwords across the storage systems and the Secrets, causing the user to be locked out of the storage systems.
Procedure
What to do next
For example,
host01$ kubectl get secret NAME TYPE DATA AGE cephfs-secret Opaque 4 7d1h dockerhub-secret kubernetes.io/dockerconfigjson 1 7d
After the Secret is created and applied, create the StorageClass. For more information, see Creating a StorageClass.