Unable to apply tls cipher suites for kubelet
Issue
- Applying TLS Cipher Suites for Kubelet using the below KubeletConfig does result in machine-config rollout, however, the change is not reflected in the /etc/kubernetes/kubelet.conf file.
apiVersion: machineconfiguration.openshift.io/v1
kind: KubeletConfig
metadata:
name: <name-of-kubelet-config>
spec:
tlsSecurityProfile:
type: Custom
custom:
ciphers:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
minTLSVersion: VersionTLS12
machineConfigPoolSelector:
matchLabels:
pools.operator.machineconfiguration.openshift.io/worker: ""
Environment
- Red Hat OpenShift Container Platform
- 4.10.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.