Docs on TLS for Operator trusting other CAs (#1473)

* Docs on TLS for Operator trusting other CAs Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> * Update docs/operator-tls.md Co-authored-by: Pedro Juarez <pjuarezd@users.noreply.github.com> --------- Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> Co-authored-by: Pedro Juarez <pjuarezd@users.noreply.github.com>
minio · Feb 28, 2023 · 1400a36 · 1400a36
1 parent 0e378c8
commit 1400a36
Showing 1 changed file with 30 additions and 0 deletions.
diff --git a/docs/operator-tls.md b/docs/operator-tls.md
@@ -0,0 +1,30 @@
+# Passing custom Certs/CAs to Operator
+
+To configure MinIO Operator to trust custom certificates, create a secret with the certificate.
+
+```shell
+kubectl create secret generic my-custom-tls -n minio-operator --from-file=path/to/public.crt
+```
+
+then add the following volume to the `minio-operator` deployment under .spec.template.spec
+
+```yaml
+      volumes:
+        - name: tls-certificates
+          projected:
+            defaultMode: 420
+            sources:
+              - secret:
+                  items:
+                    - key: public.crt
+                      path: CAs/custom-public.crt
+                  name: my-custom-tls
+```
+
+and for the `.spec.temaplte.spec.container[0]`
+
+```yaml
+        volumeMounts:
+          - mountPath: /tmp/certs
+            name: tls-certificates
+```