This message was deleted.
# rke2a
adamant-kite-43734
05/26/2022, 4:35 PMThis message was deleted.
c
creamy-pencil-82913
05/26/2022, 4:52 PMIt should only be set if you set --node-name. Are you running into some problem with that?
s
shy-zebra-53074
05/26/2022, 4:53 PMno just working through STIG
shy-zebra-53074
05/26/2022, 4:53 PMcompliance
shy-zebra-53074
05/26/2022, 4:53 PMI’ll check that node-name config
c
creamy-pencil-82913
05/26/2022, 4:54 PMthere are cases where it needs to be set in order for the cloud provider to properly find the node
creamy-pencil-82913
05/26/2022, 4:54 PMseems like a weird thing to disallow
s
shy-zebra-53074
05/26/2022, 4:56 PMyah there are several things that are odd, trying to comply exactly is the easiest otherwise they require justification and you have to go back and forth and educate the AO etc etc
c
creamy-pencil-82913
05/26/2022, 5:02 PMhmm, actually I think at some point we started explicitly setting that in call cases in order to make sure that we’re consistently using the same hostname/node-name in all places. We do ensure that the kubelet cert has the proper entries on it regardless of what the node-name is set to, so it won’t affect the TLS verification as that text calls out.
creamy-pencil-82913
05/26/2022, 5:03 PMso you might be out of luck
s
shy-zebra-53074
05/26/2022, 7:52 PMThanks @creamy-pencil-82913! It may be worth while to create a feature where if you set the custom arg to blank it will explicitly remove that flag, what are your thoughts? Otherwise there are no ways for users to remove any default params
3 Views