This message was deleted.
# rke2a
adamant-kite-43734
05/18/2022, 2:03 PMThis message was deleted.
c
creamy-pencil-82913
05/18/2022, 5:29 PMyou can override the default flags for that component with --kube-controller-manager-arg and change the bind-address value to 0.0.0.0 if you’d like to expose it.
v
victorious-analyst-3332
05/18/2022, 5:30 PMwould that also expose the metrics port missing on the RKE2 instance?
victorious-analyst-3332
05/18/2022, 5:30 PMwe are currently using
metrics-bind-address=0.0.0.0:10249kube-proxy-argc
creamy-pencil-82913
05/18/2022, 5:31 PMit’s just bind-address, it doesn’t have a separate listener for metrics
v
victorious-analyst-3332
05/18/2022, 5:40 PMin RKE, the 10252 is an HTTP endpoint vs HTTPS 🤔
victorious-analyst-3332
05/18/2022, 5:41 PMwill do some testing, thank you
c
creamy-pencil-82913
05/18/2022, 8:30 PMit depends on the Kubernetes version. They switched everything over to secure at some point.
v
victorious-analyst-3332
05/18/2022, 9:25 PMseeing that now after validating on an RKE cluster running the same 1.22.9 version. working on updating our scrapers to use the https endpoint with auth now
r
rapid-helmet-86074
05/19/2022, 2:25 PMI don't remember about this one specifically, but I think some had an option for insecure port enable to turn the HTTP port back on (I was looking at some Kubernetes lockdown guidance and it was saying to verify those options weren't present on 3-6 different items).
94 Views