icy-yak-43924
09/15/2022, 8:38 PMcreamy-pencil-82913
09/15/2022, 8:47 PMI then disabled the secrets-encryptHow did you do that exactly? First of all its hardcoded on, second if you turn it off when it’s been previously enabled, everything will break because the apiserver will not be able to decrypt any of the secrets.
then used crictl to stop the containerwhich container did you stop? You shouldn’t poke at the control-plane static pods directly. Those should only be managed by rke2. If you change the RKE2 configuration and restart the rke2-server service, the pod configuration will be regenerated and the new configuration applied.
icy-yak-43924
09/15/2022, 9:11 PMcreamy-pencil-82913
09/15/2022, 9:48 PM