-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
4.13.z, 4.12.z, 4.11.z, 4.14.z, 4.15
-
None
-
Low
-
No
-
False
-
-
Release Note Not Required
-
In Progress
Document URL:
https://docs.openshift.com/container-platform/4.14/security/tls-security-profiles.html
Section Number and Name:
Section Configuring the TLS security profile for the control plane (https://docs.openshift.com/container-platform/4.14/security/tls-security-profiles.html#tls-profiles-kubernetes-configuring_tls-security-profiles) And Configuring the TLS security profile for the kubelet (https://docs.openshift.com/container-platform/4.14/security/tls-security-profiles.html#tls-profiles-kubelet-configuring_tls-security-profiles)
Describe the issue:
A) In section Configuring the TLS security profile for the control plane (https://docs.openshift.com/container-platform/4.14/security/tls-security-profiles.html#tls-profiles-kubernetes-configuring_tls-security-profiles): 1. We provide the example of spec.tlsSecurityProfile which has a specific ciphers version A and minTLSVersion: VersionTLS11, 2. And in "Verification - Verify that the TLS security profile is set in the APIServer CR", the "Example output" is consistent. 3. But in "Verification - Verify that the TLS security profile is set in the etcd CR", the "Example output" shows different ciphers version B and minTLSVersion: VersionTLS12 The output should be consistent, otherwise it is a product bug. B) Same as Configuring the TLS security profile for the kubelet
Suggestions for improvement:
The output should be consistent.
Additional info:
From 4.11+
