search

kubermatic / kubeone

Kubermatic KubeOne automate cluster operations on all your cloud, on-prem, edge, and IoT environments.
https://kubeone.io
Apache License 2.0
1.38k stars 233 forks source link

Encryption provider configuration missing on new controller node #2947

Open akurz opened 11 months ago

akurz commented 11 months ago

What happened?

When trying to add a new controller node with kubeone (1.7.0, k8s 1.26.9) on a cluster with encryptionProviders.enable.true, the encrypion provider configuration file is not copied to the new node. The encrypion provider configuration file is also missing from the backup archive.

Expected behavior

The /etc/kubernetes/encryption-providers/encryption-providers.yaml is created/copied on a new controller node and the config is saved in the backup.

How to reproduce the issue?

Remove a controller node and add a new one, while encryption Providers are enabled.

What KubeOne version are you using?

$ kubeone version
{
  "kubeone": {
    "major": "1",
    "minor": "7",
    "gitVersion": "1.7.0",
    "gitCommit": "1195366fd0cf11f314d194a3b29b6a782afde9a8",
    "gitTreeState": "",
    "buildDate": "2023-09-08T14:02:33Z",
    "goVersion": "go1.20.5",
    "compiler": "gc",
    "platform": "linux/amd64"
  },
  "machine_controller": {
    "major": "1",
    "minor": "57",
    "gitVersion": "v1.57.3",
    "gitCommit": "",
    "gitTreeState": "",
    "buildDate": "",
    "goVersion": "",
    "compiler": "",
    "platform": "linux/amd64"
  }
}

What cloud provider are you running on?

Other

What operating system are you running in your cluster?

Flatcar Linux

kubermatic-bot commented 4 months ago

Issues go stale after 90d of inactivity. After a furter 30 days, they will turn rotten. Mark the issue as fresh with /remove-lifecycle stale.

If this issue is safe to close now please do so with /close.

/lifecycle stale

xmudrii commented 4 months ago

/remove-lifecycle stale