Channels
extensions
rancher-extensions
supermicro-sixsq
ozt
os
one-point-x
rio
onlinemeetup
v16-v21-migration
events
onlinetraining
training-1220
training-0110
training-0124
k3s-contributor
submariner
storage
k3os
windows
ci-cd
theranchcast
rfed_ara
nederlands
ukranian
danish
training-0131
masterclass
training-0207
training-0214
terraform-controller
epinio
phillydotnet
swarm
rancher-wrangler
deutsch
russian
chinese
mesos
français
japanese
arm
longhorn-dev
terraform-provider-rke
service-mesh
azure
gcp
academy
random
elemental
espanol
lima
harvester-dev
portugues
kubernetes
kim
hypper
kubewarden
opni
logging
neuvector-security
rancher-setup
developer
office-hours
mexico
cabpr
rke
vsphere
longhorn-storage
k3s
k3d
terraform-provider-rancher2
fleet
amazon
harvester
rke2
s3gw
hobbyfarm
rancher-desktop
general
Title
w
worried-australia-58368
02/13/2023, 5:28 AMHi, I’m adding cluster encryption using AWS KMS. The suggested way is to run the aws-encryption-provider as a static pod on the controller nodes. This is for a Rancher(2.5.8) manager created rke cluster. I can’t find a way to to add a static pod. The current encryption provider we run a docker container directly, not a pod, static or other. I have searched for examples on how to add AWS KMS encryption to a rancher created cluster with no luck. Any suggestions or ideas?
b
brash-magazine-86576
02/23/2023, 10:16 AMWe’ve used terraform to spin up the cluster and we managed to get the static pods with the below snippet:
services {
kubelet {
extra_args = {
pod-manifest-path = "/etc/kubelet.d/"
}
extra_binds = [
"/etc/kubelet.d/:/etc/kubelet.d/"
]
}
}🙌 1