From 3cb753404fea1d2f23522bc67cda98dfba15bfaf Mon Sep 17 00:00:00 2001
From: Matt Nikkel <matt.nikkel@rancher.com>
Date: Wed, 17 Jun 2020 14:13:18 -0400
Subject: [PATCH 1/2] Move vSphere cloud provider secret config keys into
 supported section

---
 .../cloud-providers/vsphere/config-reference/_index.md    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md b/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
index 12c685f76d..15b5e0824e 100644
--- a/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
+++ b/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
@@ -77,8 +77,10 @@ Each vCenter is defined by adding a new entry under the `virtual_center` directi
 
 | virtual_center Options |  Type    | Required  | Description |
 |:----------------------:|:--------:|:---------:|:-----------|
-| user                   | string	  |   *       | vCenter/ESXi user used to authenticate with this server. |
-| password               | string	  |   *       | User's password. |
+| user                   | string	  |   +       | vCenter/ESXi user used to authenticate with this server. |
+| password               | string	  |   +       | User's password. |
+| secret-name            | string   |           | Name of secret resource containing credential key/value pairs. `+` Can be specified in lieu of user/password parameters. |
+| secret-namespace       | string   |           | Namespace in which the secret resource was created in. `+` Can be specified in lieu of user/password parameters. |
 | port                   | string	  |           | Port to use to connect to this server. Defaults to 443.  |
 | datacenters            | string	  |   *       | Comma-separated list of all datacenters in which cluster nodes are running in. |
 | soap-roundtrip-count   | uint     |           | Round tripper count for API requests to the vCenter (num retries = value - 1). |
@@ -87,8 +89,6 @@ Each vCenter is defined by adding a new entry under the `virtual_center` directi
 
 | virtual_center Options |  Type    | Required  | Description |
 |:----------------------:|:--------:|:---------:|:-------|
-| secret-name            | string   |           | Name of secret resource containing credential key/value pairs. Can be specified in lieu of user/password parameters.|
-| secret-namespace       | string   |           | Namespace in which the secret resource was created in. |
 | ca-file                | string   |           | Path to CA cert file used to verify the vCenter certificate. |
 
 **Example:**

From 716b956ba1ff08d86aa526f5a702f3b740875460 Mon Sep 17 00:00:00 2001
From: Matt Nikkel <matt.nikkel@rancher.com>
Date: Wed, 17 Jun 2020 14:37:57 -0400
Subject: [PATCH 2/2] Clarify conditional requirements

---
 .../vsphere/config-reference/_index.md         | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md b/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
index 15b5e0824e..72e46c176f 100644
--- a/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
+++ b/content/rke/latest/en/config-options/cloud-providers/vsphere/config-reference/_index.md
@@ -77,14 +77,16 @@ Each vCenter is defined by adding a new entry under the `virtual_center` directi
 
 | virtual_center Options |  Type    | Required  | Description |
 |:----------------------:|:--------:|:---------:|:-----------|
-| user                   | string	  |   +       | vCenter/ESXi user used to authenticate with this server. |
-| password               | string	  |   +       | User's password. |
-| secret-name            | string   |           | Name of secret resource containing credential key/value pairs. `+` Can be specified in lieu of user/password parameters. |
-| secret-namespace       | string   |           | Namespace in which the secret resource was created in. `+` Can be specified in lieu of user/password parameters. |
+| user                   | string	  |   *       | vCenter/ESXi user used to authenticate with this server. |
+| password               | string	  |   *       | User's password. |
+| secret-name            | string   |   *       | Name of secret resource containing credential key/value pairs. Can be specified in lieu of user/password parameters. |
+| secret-namespace       | string   |   *       | Namespace in which the secret resource was created in. Can be specified in lieu of user/password parameters. |
 | port                   | string	  |           | Port to use to connect to this server. Defaults to 443.  |
-| datacenters            | string	  |   *       | Comma-separated list of all datacenters in which cluster nodes are running in. |
+| datacenters            | string	  |   ✓       | Comma-separated list of all datacenters in which cluster nodes are running in. |
 | soap-roundtrip-count   | uint     |           | Round tripper count for API requests to the vCenter (num retries = value - 1). |
 
+\* Either `secret-name` and `secret-namespace` OR `user` and `password` are required; `secret-name` and `secret-namespace` will take precedence if all are set.
+
 > The following additional options (introduced in Kubernetes v1.11) are not yet supported in RKE.
 
 | virtual_center Options |  Type    | Required  | Description |
@@ -110,9 +112,9 @@ The following configuration options are available:
 
 | workspace Options      |  Type    | Required  | Description |
 |:----------------------:|:--------:|:---------:|:---------|
-| server                 | string   |   *       | IP or FQDN of the vCenter/ESXi that should be used for creating the volumes. Must match one of the vCenters defined under the `virtual_center` directive.|
-| datacenter             | string   |   *       | Name of the datacenter that should be used for creating volumes. For ESXi enter *ha-datacenter*.|
-| folder                 | string   |   *       | Path of folder in which to create dummy VMs used for volume provisioning (relative from the root folder in vCenter), e.g. "vm/kubernetes".|
+| server                 | string   |   ✓       | IP or FQDN of the vCenter/ESXi that should be used for creating the volumes. Must match one of the vCenters defined under the `virtual_center` directive.|
+| datacenter             | string   |   ✓       | Name of the datacenter that should be used for creating volumes. For ESXi enter *ha-datacenter*.|
+| folder                 | string   |   ✓       | Path of folder in which to create dummy VMs used for volume provisioning (relative from the root folder in vCenter), e.g. "vm/kubernetes".|
 | default-datastore      | string   |           | Name of default datastore to place VMDKs if neither datastore or storage policy are specified in the volume options of a PVC. If datastore is located in a storage folder or is a member of a datastore cluster, specify the full path. |
 | resourcepool-path      | string   |           | Absolute or relative path to the resource pool where the dummy VMs for [Storage policy based provisioning](https://vmware.github.io/vsphere-storage-for-kubernetes/documentation/policy-based-mgmt.html) should be created. If a relative path is specified, it is resolved with respect to the datacenter's *host* folder. Examples: `/<dataCenter>/host/<hostOrClusterName>/Resources/<poolName>`, `Resources/<poolName>`. For standalone ESXi specify `Resources`. |