public_git
/
democratic-csi
mirror of https://github.com/democratic-csi/democratic-csi.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update docs

This commit is contained in:
Kim Wittenburg 2022-04-30 14:49:46 +02:00
parent 7fe916c916
commit 9473a5fbe7
1 changed files with 25 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/storage-class-parameters.md
View File

@ -123,6 +123,8 @@ kind: Secret
metadata: metadata:
name: chap-secret name: chap-secret
stringData: stringData:
targetTemplate: |
auth_type: 2
# Client Credentials # Client Credentials
user: client user: client
password: MySecretPassword password: MySecretPassword
@ -131,8 +133,16 @@ stringData:
mutualPassword: MyOtherPassword mutualPassword: MyOtherPassword
``` ```
Note that CHAP authentication will only be enabled if the secret contains a username and password. If e.g. a password is The following configuration options are known:
missing CHAP authentication will not be enabled (but the volume will still be created). You cannot automatically - `auth_type: 0`: Authentication is disabled.
enable/disable CHAP or change the password after the volume has been created. - `auth_type: 1`: CHAP authentication via the supplied `user` and `password`. You should also set `chap: true`
in this case.
- `auth_type: 2`: Mutual CHAP authentication. In addition to `user`, `password` and `chap` you should also set
`mutual_user`, `mutual_password` and `mutual_chap: true`.
If the secret itself is referenced but not present, the volume will not be created. Note that in order to correctly mount the volume you also need to configure an appropriate `node-stage-secret` on the
`StorageClass`.
You can use the secrets mechanism to supply additional data for the `lunTemplate` as well. The different templates will
be merged with the secret taking precedence over the `StorageClass` and the global configuration. If a secret is
referenced but not present, the volume will not be created.