3 files changed, 13 insertions, 12 deletions

diff --git a/roles/kubernetes/kubeadm/master/tasks/main.yml b/roles/kubernetes/kubeadm/master/tasks/main.yml
index 9af041b2..bc238c0a 100644
--- a/roles/kubernetes/kubeadm/master/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/master/tasks/main.yml
@@ -1,15 +1,15 @@
 ---
-# - name: create direcotry for encryption config
-#   file:
-#     name: /etc/kubernetes/encryption
-#     state: directory
-#     mode: 0700
-
-# - name: install encryption config
-#   template:
-#     src: encryption-config.j2
-#     dest: /etc/kubernetes/encryption/config
-#     mode: 0600
+- name: create direcotry for encryption config
+  file:
+    name: /etc/kubernetes/encryption
+    state: directory
+    mode: 0700
+
+- name: install encryption config
+  template:
+    src: encryption-config.j2
+    dest: /etc/kubernetes/encryption/config
+    mode: 0600
 
 
 - name: install primary master
diff --git a/roles/kubernetes/kubeadm/master/templates/encryption-config.j2 b/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
index 345c9bf9..b0e700b2 100644
--- a/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
+++ b/roles/kubernetes/kubeadm/master/templates/encryption-config.j2
@@ -6,7 +6,7 @@ resources:
     providers:
     - secretbox:
         keys:
-{% for key in kubernetes_secrets.encryption_config_keys %}
+{% for key in kubernetes_secrets_cooked.encryption_config_keys %}
         - name: key{{ loop.index }}
           secret: {{ key }}
 {% endfor %}
diff --git a/roles/kubernetes/kubeadm/reset/tasks/main.yml b/roles/kubernetes/kubeadm/reset/tasks/main.yml
index f0e88e53..1e3539e1 100644
--- a/roles/kubernetes/kubeadm/reset/tasks/main.yml
+++ b/roles/kubernetes/kubeadm/reset/tasks/main.yml
@@ -8,6 +8,7 @@
     - /etc/kubernetes/kubeadm-init.log
     - /etc/kubernetes/kubeadm-join.log
     - /etc/kubernetes/pki
+    - /etc/kubernetes/encryption
   file:
     path: "{{ item }}"
     state: absent