https://rancher.com/ logo
Title
k

kind-church-47495

03/06/2023, 7:24 PM
Hi All, trying to better understand this documentation regarding encryption providers for RKE2 https://docs.rke2.io/security/secrets_encryption It states that "RKE2 only supports the
AES-CBC
key type. Find more info here." Does this mean RKE2 is incompatible with using a Key management system for encryption/key management? Thanks
c

creamy-pencil-82913

03/06/2023, 7:51 PM
no, you can still provide your own secrets encryption config as covered in the Kubernetes docs, but the rke2's automatic management of the configuration via the secrets-encrypt command only supports the aescbc provider. If you provide your own configuration that uses a different provider, rke2 cannot manage it for you.
­čĹŹ 1
k

kind-church-47495

03/06/2023, 8:08 PM
Ah cool thank you