See also upstream documentation here: See https://kubernetes.io/docs/tasks/administer-cluster/encrypt-data/#encrypting-your-data
-
Generate base64 encoded encrpytion key:
$ head -c 32 /dev/urandom | base64 -i -
-
Create a Kubernetes encryption configuration file on each of the RKE nodes that will be consecutively provisioned with the controlplane role.