diff --git a/roles/rke2/templates/config.yaml.j2 b/roles/rke2/templates/config.yaml.j2 index 1be1547440a591b144b430f38ffbbb96a2d87e1b..7a63969a6d418e8978cb3f9e41743a4b2149aa7e 100644 --- a/roles/rke2/templates/config.yaml.j2 +++ b/roles/rke2/templates/config.yaml.j2 @@ -73,6 +73,10 @@ tls-san: resolv-conf: "{{ resolv_conf_node }}" {% endif %} + +{% if secrets_encryption is defined %} +secrets-encryption: "{{ secrets_encryption }}" +{% endif %} {# Do not use it: {% if node_external_ip is defined %} diff --git a/roles/rke2/templates/kernel_params.conf.j2 b/roles/rke2/templates/kernel_params.conf.j2 index 5925d294499cb5d756ef090d8a83b1396dc20d37..884a35f64e49a2c32fe1595c5b3538db96af8180 100644 --- a/roles/rke2/templates/kernel_params.conf.j2 +++ b/roles/rke2/templates/kernel_params.conf.j2 @@ -1,3 +1,4 @@ vm.overcommit_memory=1 kernel.panic=10 -kernel.panic_on_oops=1 \ No newline at end of file +kernel.panic_on_oops=1 +protect-kernel-defaults=true \ No newline at end of file diff --git a/roles/rke2/templates/manifests/deploy-openstack-ccm.j2 b/roles/rke2/templates/manifests/deploy-openstack-ccm.j2 index 432f3b33535b7e48d6fdcda8340b564881d7c3e5..9b8cecb21d4442d02e1eeeaf79f2bc99a6717926 100644 --- a/roles/rke2/templates/manifests/deploy-openstack-ccm.j2 +++ b/roles/rke2/templates/manifests/deploy-openstack-ccm.j2 @@ -3,7 +3,7 @@ kind: Namespace apiVersion: v1 metadata: - name: openstack-system + name: kube-system --- @@ -18,7 +18,7 @@ spec: chart: openstack-cloud-controller-manager version: {{ item.value.version | default("1.3.0") }} bootstrap: True - targetNamespace: openstack-system + targetNamespace: kube-system valuesContent: |- cloudConfig: global: