Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

K3s secrets encryption key rotation #4254

Closed
1 task done
dereknola opened this issue Oct 19, 2021 · 5 comments
Closed
1 task done

K3s secrets encryption key rotation #4254

dereknola opened this issue Oct 19, 2021 · 5 comments
Assignees
@dereknola @mdrahman-suse
Labels
kind/feature A large new piece of functionality priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
v1.23.0+k3s1

Comments

@dereknola
Copy link
Member

dereknola commented Oct 19, 2021
edited
Loading

Is your feature request related to a problem? Please describe.
Currently users can only enable secrets-encryption, they cannot rotate the keys nor disable encryption

Describe the solution you'd like
A new CLI tool that enables the user to disable and rotate encryption keys
Design doc: #3407

Documentation can be found at https://rancher.com/docs/k3s/latest/en/security/secrets_encryption/
Backporting

  • Needs backporting to older releases
@dereknola dereknola added kind/feature A large new piece of functionality priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Oct 19, 2021
@dereknola dereknola added this to the v1.22.4+k3s1 milestone Oct 19, 2021
@dereknola dereknola self-assigned this Oct 19, 2021
@dereknola dereknola mentioned this issue Nov 1, 2021
Merged
@dereknola dereknola modified the milestones: v1.22.4+k3s1, v1.22.5+k3s1 Nov 12, 2021
@dereknola
Copy link
Member Author

Moved back to v1.22.5 due to underlying bootstrap changes.

@dereknola dereknola mentioned this issue Nov 22, 2021
Closed
@dereknola dereknola mentioned this issue Nov 29, 2021
Closed
@dereknola dereknola mentioned this issue Dec 7, 2021
Closed
@rancher-max rancher-max mentioned this issue Dec 15, 2021
Closed
@mdrahman-suse
Copy link

Validated in k3s master as per comment #4372 (comment)

@mdrahman-suse
Copy link

mdrahman-suse commented Dec 17, 2021
edited
Loading

Validated in k3s with RC v1.21.8-rc1+k3s1 and v1.22.5-rc1+k3s1 as per comment #4372 (comment)

@lazzio7

This comment was marked as off-topic.

Sign in to view
@brandond
Copy link
Member

@lazzio7 please open a new discussion topic for your question.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dereknola dereknola

@mdrahman-suse mdrahman-suse

Labels
kind/feature A large new piece of functionality priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Projects
None yet
Milestone
v1.23.0+k3s1
Development

No branches or pull requests
5 participants
@brandond @dereknola @lazzio7 @ShylajaDevadiga @mdrahman-suse