Istioctl x create-remote-secret never mounted

I am following the doc Install Multi-Primary and curious about the last step, Enable Endpoint Discovery.

I got remote secrets in this step but failed to figured out where these secrets get mounted. It is seems never used or attached to any pod. Could you help me figure it out?

They are picked up automatically by Istio. You can then use istioctl util to verify that remote cluster is present.

1 Like

Thank you! That’s true. istioctl remote-clusters shows the remote cluster then. I also checked with Istiod’s Role and Rolebinding and found that it has the access to Secret API.