• Geoff Simmons's avatar
    Redefine the labels used to identify relevant Secrets. · 18abf575
    Geoff Simmons authored
    Use the label key viking.uplex.de/secret. The controller only reads
    Secrets with this label, and with the field type:kubernetes.io/tls
    (the latter are Secrets specified for Ingress).
    
    Three values are permitted for the label:
    
    admin: credentials for remote admin of Varnish and haproxy (Varnish
    shared secret and Basic Auth password for the dataplane API).
    
    pem: initially empty Secret into which the controller writes pem
    files (concatenated crt and key), projected into a volume from
    which haproxy reads at load time. Currently only with the hard-
    wired name "tls-cert", so that RBAC update privileges can be
    limited to this Secret.
    
    auth: credentials for Basic and Proxy Auth, as configured via
    the VarnishConfig custom resource.
    18abf575
adm-secret-system.yaml 264 Bytes