Skip to content

chore(docs): update external provisioners helm docs #15155

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Oct 23, 2024
Merged

chore(docs): update external provisioners helm docs #15155

Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
59f145c
chore(docs): update external provisioners helm docs
johnstcn Oct 21, 2024
2a02f3f
make fmt
johnstcn Oct 21, 2024
13ae8fa
scoped key steps
EdwardAngert Oct 22, 2024
46d62ca
Apply suggestions from code review
johnstcn Oct 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
make fmt
  • Loading branch information
@johnstcn
johnstcn committed Oct 21, 2024
commit 2a02f3f885b94443de425ddf9c613c5e5d471acd
18 changes: 10 additions & 8 deletions docs/admin/provisioners.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,8 +40,8 @@ The provisioner daemon must authenticate with your Coder deployment.

## Scoped Key (Recommended)

We recommend creating finely-scoped keys for provisioners.
Keys are scoped to an organization, and optionally to a specific set of tags.
We recommend creating finely-scoped keys for provisioners. Keys are scoped to an
organization, and optionally to a specific set of tags.

To create a key for an organization that will match untagged jobs:

Expand Down Expand Up @@ -102,10 +102,11 @@ tags.

## Global PSK (Not Recommended)

> [!NOTE] We do not recommend this approach anymore, as it makes
> key rotation or isolating provisioners far more difficult.
> [!NOTE] We do not recommend this approach anymore, as it makes key rotation or
> isolating provisioners far more difficult.

A deployment-wide PSK can be used to authenticate any provisioner. To use a global PSK, set a
A deployment-wide PSK can be used to authenticate any provisioner. To use a
global PSK, set a
[provisioner daemon pre-shared key (PSK)](../reference/cli/server.md#--provisioner-daemon-psk)
on the Coder server.

Expand Down Expand Up @@ -286,7 +287,8 @@ will use in concert with the Helm chart for deploying the Coder server.
# coder provisioner keys create my-cool-key --org default --tags location=auh kind=k8s
```

Successfully created provisioner key kubernetes-key! Save this authentication token, it will not be shown again.
Successfully created provisioner key kubernetes-key! Save this authentication
token, it will not be shown again.

<key omitted>
```
Expand All @@ -302,7 +304,7 @@ will use in concert with the Helm chart for deploying the Coder server.
```yaml
provisionerDaemon:
keySecretName: "coder-provisioner-keys"
keySecretKey: "key1"
keySecretKey: "key1"
```

1. Redeploy Coder with the new `values.yaml` to roll out the PSK. You can omit
Expand All @@ -326,7 +328,7 @@ will use in concert with the Helm chart for deploying the Coder server.
replicaCount: 10
provisionerDaemon:
keySecretName: "coder-provisioner-keys"
keySecretKey: "key1"
keySecretKey: "key1"
```

This example creates a deployment of 10 provisioner daemons (for 10
Expand Down