I got this instruction on how to encrypt at rest of Openshift 4 secrets.
https://docs.openshift.com/container-platform/4.14/security/encrypting-etcd.html
But there's no verification provided. Only this,
EncryptionCompleted
All resources encrypted: oauthaccesstokens.oauth.openshift.io, oauthauthorizetokens.oauth.openshift.io
In kubernetes there's a way to verify it with,
kubectl -n kube-system exec -it etcd-master -- sh -c xxxxxxxxxxxxxxxxxxxx etcdctl --endpoints=https://127.0.0.1:2379 get /registry/secrets/namespace/secret-name"
But since openshift is not using kube-system to store it etcd pod.
What should be the equivalent checking of secrets if it's really encrypted?
Thanks!