I just did the CKS exam and it was pretty hard.
One question I had there asked me to configure tls between api-server and etcd and allow only specific versions of TLS but for some reason, I can’t find this information in the k8s docs.
Can you please point me to such documentation?
Thanks
Itai
You can find that in a couple of places. First, it’s in the reference for kube-apiserver; the flags for that are --tls-cipher-suites and --tls-min-version.
You can do a similar search in the etcd.io docs (which was recently added to the allowed docs list for CKS); flags are --cipher-suites and the ever popular --tls-min-version.