How to Verify if the ETCD Secrets Are Encrypted or Not?

Problem

Environment

  • Platform9 Managed Kubernetes - v5.2 and above
  • Kubernetes v1.20 and above
  • Docker or Containerd

Answer

  • ETCD secret encryption can be verified with the help of etcdctl command line utility.
  • ETCD secrets are stored at the path /registry/secrets/$namespace/$secret on the master node.
  • The below command can be used to verify if the particular ETCD secret is encrypted or not.
Docker
Containerd
Copy
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard