https://rancher.com/ logo
Title
s

shy-zebra-53074

05/26/2022, 4:35 PM
Hey all! I’ve been able to set custom configs via:
kube-apiserver-arg
kube-controller-manager-arg
and
kube-scheduler-arg
However, I would like to ensure that a certain config is NOT set that is currently being set by default. For example I would like to unset the
--hostname-override
flag for the
kubelet
service and make sure that flag is not passed when starting the kubelet service
c

creamy-pencil-82913

05/26/2022, 4:52 PM
It should only be set if you set --node-name. Are you running into some problem with that?
s

shy-zebra-53074

05/26/2022, 4:53 PM
no just working through STIG
compliance
I’ll check that node-name config
c

creamy-pencil-82913

05/26/2022, 4:54 PM
there are cases where it needs to be set in order for the cloud provider to properly find the node
seems like a weird thing to disallow
s

shy-zebra-53074

05/26/2022, 4:55 PM
yah there are several things that are odd, trying to comply exactly is the easiest otherwise they require justification and you have to go back and forth and educate the AO etc etc
c

creamy-pencil-82913

05/26/2022, 5:02 PM
hmm, actually I think at some point we started explicitly setting that in call cases in order to make sure that we’re consistently using the same hostname/node-name in all places. We do ensure that the kubelet cert has the proper entries on it regardless of what the node-name is set to, so it won’t affect the TLS verification as that text calls out.
so you might be out of luck
s

shy-zebra-53074

05/26/2022, 7:52 PM
Thanks @creamy-pencil-82913! It may be worth while to create a feature where if you set the custom arg to blank it will explicitly remove that flag, what are your thoughts? Otherwise there are no ways for users to remove any default params