Under this section of the docs we could rephrase things to make it more clear. I believe the intent of the section is to demonstrate how Rancher Backups re-uses the upstream k8s concept of EncryptionConfiguration.
Interestingly the EncryptionConfiguration is not a traditional resource (neither native or custom/CRD) for k8s - maybe not correct terms, but the gist is you cannot kubectl get/apply this object. Rather it's a configuration struct (again maybe not the technical term) that the api-server uses - normally as part of interacting with etcd. With that in mind, we utilize the same resource but stored in a secret.
Issue
The current docs reference 2 examples but seemingly only have a single one.
Fix
I believe that an update to this section would be better if it included an example of the BRO needed Secret. As currently it only shows the k8s native version. Additionally we may want to re-word the section to be more clear about the intent of it as an example to compare the 2 and not a "working example".
Info
Under this section of the docs we could rephrase things to make it more clear. I believe the intent of the section is to demonstrate how Rancher Backups re-uses the upstream k8s concept of
EncryptionConfiguration.Interestingly the
EncryptionConfigurationis not a traditionalresource(neither native or custom/CRD) for k8s - maybe not correct terms, but the gist is you cannotkubectl get/applythis object. Rather it's a configuration struct (again maybe not the technical term) that the api-server uses - normally as part of interacting with etcd. With that in mind, we utilize the same resource but stored in a secret.Issue
The current docs reference 2 examples but seemingly only have a single one.
Fix
I believe that an update to this section would be better if it included an example of the BRO needed Secret. As currently it only shows the k8s native version. Additionally we may want to re-word the section to be more clear about the intent of it as an example to compare the 2 and not a "working example".