10.2. 部署 AWS Secret 和配置提供程序

运行以下命令，使用 Helm 来注册 secret 存储 CSI 驱动程序：

helm repo add secrets-store-csi-driver \
    https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts

$ helm repo add secrets-store-csi-driver \
    https://kubernetes-sigs.github.io/secrets-store-csi-driver/charts

Copy to Clipboard

Toggle word wrap

运行以下命令来更新 Helm 仓库：

helm repo update

$ helm repo update

Copy to Clipboard

Toggle word wrap

运行以下命令来安装 secret 存储 CSI 驱动程序：

helm upgrade --install -n csi-secrets-store \
    csi-secrets-store-driver secrets-store-csi-driver/secrets-store-csi-driver

$ helm upgrade --install -n csi-secrets-store \
    csi-secrets-store-driver secrets-store-csi-driver/secrets-store-csi-driver

Copy to Clipboard

Toggle word wrap

运行以下命令来部署 AWS 供应商：

oc -n csi-secrets-store apply -f \
    https://raw.githubusercontent.com/rh-mobb/documentation/main/content/misc/secrets-store-csi/aws-provider-installer.yaml

$ oc -n csi-secrets-store apply -f \
    https://raw.githubusercontent.com/rh-mobb/documentation/main/content/misc/secrets-store-csi/aws-provider-installer.yaml

Copy to Clipboard

Toggle word wrap

运行以下命令，检查两个 Daemonsets 是否正在运行：

oc -n csi-secrets-store get ds \
    csi-secrets-store-provider-aws \
    csi-secrets-store-driver-secrets-store-csi-driver

$ oc -n csi-secrets-store get ds \
    csi-secrets-store-provider-aws \
    csi-secrets-store-driver-secrets-store-csi-driver

Copy to Clipboard

Toggle word wrap

运行以下命令，标记 Secrets Store CSI 驱动程序以允许与受限 pod 安全配置集搭配使用：

oc label csidriver.storage.k8s.io/secrets-store.csi.k8s.io security.openshift.io/csi-ephemeral-volume-profile=restricted

$ oc label csidriver.storage.k8s.io/secrets-store.csi.k8s.io security.openshift.io/csi-ephemeral-volume-profile=restricted

Copy to Clipboard

Toggle word wrap

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links