k8s.io/kubernetes@v1.29.3/test/e2e/testing-manifests/auth/encrypt/kind.yaml (about) 1 kind: Cluster 2 apiVersion: kind.x-k8s.io/v1alpha4 3 # this containerd config patch sets the registry to the local registry where we push mock kms provider 4 containerdConfigPatches: 5 - |- 6 [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:5000"] 7 endpoint = ["http://kind-registry:5000"] 8 nodes: 9 - role: control-plane 10 extraMounts: 11 - containerPath: /etc/kubernetes/encryption-config.yaml 12 hostPath: test/e2e/testing-manifests/auth/encrypt/encryption-config.yaml 13 readOnly: true 14 propagation: None 15 - containerPath: /etc/kubernetes/manifests/kubernetes-kms.yaml 16 hostPath: staging/src/k8s.io/kms/internal/plugins/_mock/kms.yaml 17 readOnly: true 18 propagation: None 19 - containerPath: /etc/softhsm-config.json 20 hostPath: test/e2e/testing-manifests/auth/encrypt/softhsm-config.json 21 readOnly: true 22 propagation: None 23 kubeadmConfigPatches: 24 - | 25 kind: ClusterConfiguration 26 apiServer: 27 extraArgs: 28 encryption-provider-config: "/etc/kubernetes/encryption-config.yaml" 29 feature-gates: "KMSv2=true" 30 v: "5" 31 extraVolumes: 32 - name: encryption-config 33 hostPath: "/etc/kubernetes/encryption-config.yaml" 34 mountPath: "/etc/kubernetes/encryption-config.yaml" 35 readOnly: true 36 pathType: File 37 - name: sock-path 38 hostPath: "/tmp" 39 mountPath: "/tmp" 40 scheduler: 41 extraArgs: 42 v: "5" 43 controllerManager: 44 extraArgs: 45 v: "5" 46 - role: worker 47 - role: worker 48 - role: worker