rook: CSI RBD plugin kms configuration missing

Is this a bug report or feature request?

  • Bug Report

Deviation from expected behavior: configmap was not created automatically nor explained in the documentation

Expected behavior: Cluster installation should create the configmap, or its creation should be documented.

How to reproduce it (minimal and precise):

  • install operator via helm
  • install vault via helm
  • follow vault kms setup documentation
  • create cluster CR

File(s) to submit:

  • Cluster CR (custom resource), typically called cluster.yaml, if necessary. Vault KMS settings in cluster CR:
security:
  kms:
    connectionDetails:
      KMS_PROVIDER: vault
      VAULT_ADDR: https://vault.vault.svc.cluster.local:8200
      VAULT_BACKEND_PATH: rook
      VAULT_SECRET_ENGINE: kv
      VAULT_AUTH_METHOD: kubernetes
      VAULT_AUTH_KUBERNETES_ROLE: rook-ceph
      VAULT_CACERT: vault-tls-ca-cert
      VAULT_CLIENT_CERT: vault-tls-client-cert
      VAULT_CLIENT_KEY: vault-tls-client-key
      VAULT_SKIP_VERIFY: "true"

Hi everybody,

I am unable to create a new Ceph cluster because the csi-rbdplugin fails to create the container with the following error:

MountVolume.SetUp failed for volume "rook-ceph-csi-kms-config" : configmap "rook-ceph-csi-kms-config" not found

I followed the KMS setup with Vault described in the Rook documentation, which worked fine.

After some research I came across the CSI driver documentation, where the creation of the above-mentioned ConfigMap is described. I am not sure what the ConfigMap for Vault as a KMS should look like in accordance with the KMS setup documentation.

How should I create the rook-ceph-csi-kms-config for my setup with Vault as a KMS with TLS support to work?

Thanks and best regards

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 15 (8 by maintainers)

Most upvoted comments

Create the rook-ceph-csi-kms-config configmap with required encryption configuration in the same namespace where the Rook operator is deployed. An example is shown below:

Please check the doc, it’s documented that the user is expected to create the configmap and enable the encryption in rook configmap.

@cneumaier

The doc in turn points to https://github.com/ceph/ceph-csi/blob/v3.6.0/docs/deploy-rbd.md#encryption-for-rbd-volumes.

This has more details; please refer to it to set up PV CSI encryption.
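As an added illustration (not from the issue, Rook or ceph-csi), here is how the reporter's connectionDetails would carry over into the ConfigMap the maintainer refers to, plus the StorageClass that points at it. The KMS id vault-kms, the StorageClass name and pool are assumptions, and the ceph-csi field names and the Rook CSI_ENABLE_ENCRYPTION setting are from memory of the linked documentation, so check them against it before use.

```yaml
# Added example mapping the reporter's Rook KMS connectionDetails onto a
# ceph-csi "vault" KMS entry. Field names follow the ceph-csi KMS config as
# recalled from the linked doc; "vault-kms" is an assumed id. The referenced
# TLS secrets must already exist in this namespace (ceph-csi reads the
# certificate or key from a "cert" data key in each secret, as recalled).
apiVersion: v1
kind: ConfigMap
metadata:
  name: rook-ceph-csi-kms-config
  namespace: rook-ceph            # same namespace as the Rook operator
data:
  # vaultCAVerify "true" keeps server certificate checking on. The reporter's
  # VAULT_SKIP_VERIFY: "true" would map to "false" here, which disables TLS
  # verification and makes the supplied CA certificate pointless.
  config.json: |-
    {
      "vault-kms": {
        "encryptionKMSType": "vault",
        "vaultAddress": "https://vault.vault.svc.cluster.local:8200",
        "vaultAuthPath": "/v1/auth/kubernetes/login",
        "vaultRole": "rook-ceph",
        "vaultBackendPath": "rook/",
        "vaultCAFromSecret": "vault-tls-ca-cert",
        "vaultClientCertFromSecret": "vault-tls-client-cert",
        "vaultClientCertKeyFromSecret": "vault-tls-client-key",
        "vaultCAVerify": "true"
      }
    }
---
# A volume is only encrypted when both parameters below are set; the id must
# match a key in config.json. The usual csi.storage.k8s.io/* secret parameters
# from the standard rook-ceph-block StorageClass must be added as well, and
# encryption has to be enabled in the Rook operator configmap
# (CSI_ENABLE_ENCRYPTION: "true" in rook-ceph-operator-config, as recalled).
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: rook-ceph-block-encrypted   # assumed name
provisioner: rook-ceph.rbd.csi.ceph.com
parameters:
  clusterID: rook-ceph
  pool: replicapool                 # assumed pool name
  encrypted: "true"
  encryptionKMSID: "vault-kms"
reclaimPolicy: Delete
```

Once the ConfigMap exists, the csi-rbdplugin pods can mount the rook-ceph-csi-kms-config volume and the MountVolume.SetUp error from the issue goes away.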