Closed RoysyLee closed 3 years ago
Related issues https://github.com/rancher/rancher/issues/27059/ / https://github.com/etcd-io/etcd/issues/8320 / https://github.com/etcd-io/etcd/issues/10304
You can configure this using extra_args
to the etcd
service. We'll discuss internally if we want to divert from upstream and make this more strict by default.
RKE version: v1.2.4
Rancher v2.5.5 k8s v1.19.4
Docker version
19.3.14
Operating system and kernel:
NAME="Ubuntu" VERSION="18.04.5 LTS (Bionic Beaver)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 18.04.5 LTS" VERSION_ID="18.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic 4.15.0-118-generic
Type/provider of hosts:
Virtual machines hosted by an infrastructure provider
cluster.yml file:
Steps to Reproduce:
Results:
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
Is there any plans to disable that ciphers?! If not, how can I disable that cipher in rke? I set up rke k8s by rancher!