Hi All trying to better understand this documentation regarding encryption providers for RKE2 <https docs rke2 io security secrets encryption> It states that RKE2 only supports the `AES CBC` key type Find more info <https kubernetes io docs tasks administer cluster encrypt data providers|here > Does this mean RKE2 is incompatible with using a Key management system for encryption key management Thanks

Hi All trying to better understand this documentation regard rancher-users #rke2

Title

kind-church-47495

03/06/2023, 7:24 PM

Hi All, trying to better understand this documentation regarding encryption providers for RKE2 https://docs.rke2.io/security/secrets_encryption It states that "RKE2 only supports the

AES-CBC

key type. Find more info here." Does this mean RKE2 is incompatible with using a Key management system for encryption/key management? Thanks

creamy-pencil-82913

03/06/2023, 7:51 PM

no, you can still provide your own secrets encryption config as covered in the Kubernetes docs, but the rke2's automatic management of the configuration via the secrets-encrypt command only supports the aescbc provider. If you provide your own configuration that uses a different provider, rke2 cannot manage it for you.

👍 1

kind-church-47495

03/06/2023, 8:08 PM

Ah cool thank you

2 Views

#rke2 Join Slack