Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/doc/architecture/blueprints/pods/pods-feature-secrets.md
diff options
context:
space:
mode:
Diffstat (limited to 'doc/architecture/blueprints/pods/pods-feature-secrets.md')
-rw-r--r--doc/architecture/blueprints/pods/pods-feature-secrets.md51
1 files changed, 7 insertions, 44 deletions
diff --git a/doc/architecture/blueprints/pods/pods-feature-secrets.md b/doc/architecture/blueprints/pods/pods-feature-secrets.md
index f18a41dc0fb..f33b98add21 100644
--- a/doc/architecture/blueprints/pods/pods-feature-secrets.md
+++ b/doc/architecture/blueprints/pods/pods-feature-secrets.md
@@ -1,48 +1,11 @@
---
-stage: enablement
-group: pods
-comments: false
-description: 'Pods: Secrets'
+redirect_to: '../cells/cells-feature-secrets.md'
+remove_date: '2023-06-13'
---
-This document is a work-in-progress and represents a very early state of the
-Pods design. Significant aspects are not documented, though we expect to add
-them in the future. This is one possible architecture for Pods, and we intend to
-contrast this with alternatives before deciding which approach to implement.
-This documentation will be kept even if we decide not to implement this so that
-we can document the reasons for not choosing this approach.
+This document was moved to [another location](../cells/cells-feature-secrets.md).
-# Pods: Secrets
-
-Where possible, each pod should have its own distinct set of secrets.
-However, there will be some secrets that will be required to be the same for all
-pods in the cluster
-
-## 1. Definition
-
-GitLab has a lot of
-[secrets](https://docs.gitlab.com/charts/installation/secrets.html) that needs
-to be configured.
-
-Some secrets are for inter-component communication, e.g. `GitLab Shell secret`,
-and used only within a pod.
-
-Some secrets are used for features, e.g. `ci_jwt_signing_key`.
-
-## 2. Data flow
-
-## 3. Proposal
-
-1. Secrets used for features will need to be consistent across all pods, so that the UX is consistent.
- 1. This is especially true for the `db_key_base` secret which is used for
- encrypting data at rest in the database - so that projects that are
- transferred to another pod will continue to work. We do not want to have
- to re-encrypt such rows when we move projects/groups between pods.
-1. Secrets which are used for intra-pod communication only should be uniquely generated
- per-pod.
-
-## 4. Evaluation
-
-## 4.1. Pros
-
-## 4.2. Cons
+<!-- This redirect file can be deleted after <2023-06-13>. -->
+<!-- Redirects that point to other docs in the same project expire in three months. -->
+<!-- Redirects that point to docs in a different project or site (link is not relative and starts with `https:`) expire in one year. -->
+<!-- Before deletion, see: https://docs.gitlab.com/ee/development/documentation/redirects.html -->
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-16 22:03:09 +0300