From 3161f8715ace0cb6e27efbf70cdf013758b1b154 Mon Sep 17 00:00:00 2001 From: Or Shachar Date: Mon, 11 Nov 2024 13:19:15 -0500 Subject: [PATCH] feat: allow configuring min tls for grpc Supporting https://github.com/kedacore/keda/pull/6320 Signed-off-by: Or Shachar --- content/docs/2.17/operate/cluster.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/content/docs/2.17/operate/cluster.md b/content/docs/2.17/operate/cluster.md index 8df3cf238..0cba06ea3 100644 --- a/content/docs/2.17/operate/cluster.md +++ b/content/docs/2.17/operate/cluster.md @@ -130,6 +130,16 @@ The gRPC Metrics Service is part of the KEDA Operator deployment and serves scal | metrics-service-address | keda-operator.keda.svc.cluster.local:9666 | The address of the gRPC Metrics Service Server | | metrics-service-grpc-authority | "" | Host Authority override for the Metrics Service if the Host Authority is not the same as the address used for the gRPC Metrics Service Server. This is required for mutual TLS when the identity of the adapter server as presented in its TLS certificate is not the same as the metrics-service-address | +By default, KEDA uses TLS1.3 as a minimum TLS version for GRPC client/server. However, if you need to support another version you can configure it by using the environment variable `KEDA_HTTP_MIN_TLS_VERSION`. + +For example: + +```yaml +- env: + KEDA_GRPC_MIN_TLS_VERSION: TLS12 +``` + + ## Configure `MaxConcurrentReconciles` for Controllers To implement internal controllers KEDA uses the [controller-runtime project](https://github.com/kubernetes-sigs/controller-runtime), that enables configuration of [MaxConcurrentReconciles property](https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/controller#Options), ie. the maximum number of concurrent reconciles which can be run for a controller.