1kind: Cluster
2apiVersion: kind.x-k8s.io/v1alpha4
3# this containerd config patch sets the registry to the local registry where we push mock kms provider
4containerdConfigPatches:
5- |-
6 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:5000"]
7 endpoint = ["http://kind-registry:5000"]
8nodes:
9- role: control-plane
10 extraMounts:
11 - containerPath: /etc/kubernetes/encryption-config.yaml
12 hostPath: test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml
13 readOnly: true
14 propagation: None
15 - containerPath: /etc/kubernetes/manifests/kubernetes-kms.yaml
16 hostPath: staging/src/k8s.io/kms/internal/plugins/_mock/kms.yaml
17 readOnly: true
18 propagation: None
19 - containerPath: /etc/softhsm-config.json
20 hostPath: test/e2e/testing-manifests/auth/encrypt/softhsm-config.json
21 readOnly: true
22 propagation: None
23 kubeadmConfigPatches:
24 - |
25 kind: ClusterConfiguration
26 apiServer:
27 extraArgs:
28 encryption-provider-config: "/etc/kubernetes/encryption-config.yaml"
29 feature-gates: "KMSv2=true"
30 v: "5"
31 extraVolumes:
32 - name: encryption-config
33 hostPath: "/etc/kubernetes/encryption-config.yaml"
34 mountPath: "/etc/kubernetes/encryption-config.yaml"
35 readOnly: true
36 pathType: File
37 - name: sock-path
38 hostPath: "/tmp"
39 mountPath: "/tmp"
40 scheduler:
41 extraArgs:
42 v: "5"
43 controllerManager:
44 extraArgs:
45 v: "5"
46- role: worker
47- role: worker
48- role: worker
View as plain text