diff --git a/CHANGES.md b/CHANGES.md
new file mode 100644
index 00000000..16f27d6b
--- /dev/null
+++ b/CHANGES.md
@@ -0,0 +1,62 @@
+# Typhoon
+
+Notable changes between versions.
+
+## v1.7.5
+
+* Kubernetes v1.7.5
+* Use kubernete-incubator/bootkube v0.6.2
+* Add AWS Terraform module (alpha)
+* Add support for Calico networking (bare-metal, Google Cloud, AWS)
+* Change networking default from "flannel" to "calico"
+
+#### AWS
+
+* Add `network_mtu` to allow CNI interface MTU customization
+
+#### Bare-Metal
+
+* Add `network_mtu` to allow CNI interface MTU customization
+
+## v1.7.3
+
+* Kubernetes v1.7.3
+* Use kubernete-incubator/bootkube v0.6.1
+
+#### Digital Ocean
+
+* Add cloud firewall rules (requires Terraform v0.10)
+* Change nodes tags from strings to DO tags
+
+## v1.7.1
+
+* Kubernetes v1.7.1
+* Use kubernete-incubator/bootkube v0.6.0
+* Add Bare-Metal Terraform module (stable)
+* Add Digital Ocean Terraform module (beta)
+
+#### Google Cloud
+
+* Remove `k8s_domain_name` variable, `cluster_name` + `dns_zone` resolves to controllers
+* Rename `dns_base_zone` to `dns_zone`
+* Rename `dns_base_zone_name` to `dns_zone_name`
+
+## v1.6.7
+
+* Kubernetes v1.6.7
+* Use kubernete-incubator/bootkube v0.5.1
+
+## v1.6.6
+
+* Kubernetes v1.6.6
+* Use kubernete-incubator/bootkube v0.4.5
+* Disable locksmithd on hosts, in favor of [CLUO](https://github.com/coreos/container-linux-update-operator).
+
+## v1.6.4
+
+* Kubernetes v1.6.4
+* Add Google Cloud Terraform module (stable)
+
+## Earlier
+
+Earlier versions, back to v1.3.0, used different designs and mechanisms.
diff --git a/README.md b/README.md
index 98a4f8db..b908b3ba 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-# Typhoon 
+# Typhoon []()
Typhoon is a minimal and free Kubernetes distribution.
@@ -20,21 +20,22 @@ Typhoon distributes upstream Kubernetes, architectural conventions, and cluster
Typhoon provides a Terraform Module for each supported operating system and platform.
-| Platform | Operating System | Terraform Module |
-|---------------|------------------|------------------|
-| AWS | Container Linux | [aws/container-linux/kubernetes](aws/container-linux/kubernetes) |
-| Bare-Metal | Container Linux | [bare-metal/container-linux/kubernetes](bare-metal/container-linux/kubernetes) |
-| Digital Ocean | Container Linux | [digital-ocean/container-linux/kubernetes](digital-ocean/container-linux/kubernetes) |
-| Google Cloud | Container Linux | [google-cloud/container-linux/kubernetes](google-cloud/container-linux/kubernetes) |
+| Platform | Operating System | Terraform Module | Status |
+|---------------|------------------|------------------|--------|
+| AWS | Container Linux | [aws/container-linux/kubernetes](aws/container-linux/kubernetes) | alpha |
+| Bare-Metal | Container Linux | [bare-metal/container-linux/kubernetes](bare-metal/container-linux/kubernetes) | production |
+| Digital Ocean | Container Linux | [digital-ocean/container-linux/kubernetes](digital-ocean/container-linux/kubernetes) | beta |
+| Google Cloud | Container Linux | [google-cloud/container-linux/kubernetes](google-cloud/container-linux/kubernetes) | beta |
## Usage
* [Docs](https://typhoon.psdn.io)
* [Concepts](https://typhoon.psdn.io/concepts/)
-* [AWS](https://typhoon.psdn.io/aws/)
-* [Bare-Metal](https://typhoon.psdn.io/bare-metal/)
-* [Digital Ocean](https://typhoon.psdn.io/digital-ocean/)
-* [Google-Cloud](https://typhoon.psdn.io/google-cloud/)
+* Tutorials
+ * [AWS](https://typhoon.psdn.io/aws/)
+ * [Bare-Metal](https://typhoon.psdn.io/bare-metal/)
+ * [Digital Ocean](https://typhoon.psdn.io/digital-ocean/)
+ * [Google-Cloud](https://typhoon.psdn.io/google-cloud/)
## Example
@@ -63,6 +64,7 @@ module "google-cloud-yavin" {
Fetch modules, plan the changes to be made, and apply the changes.
```sh
+$ terraform init
$ terraform get --update
$ terraform plan
Plan: 37 to add, 0 to change, 0 to destroy.
@@ -86,6 +88,9 @@ List the pods.
```
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
+kube-system calico-node-1cs8z 2/2 Running 0 6m
+kube-system calico-node-d1l5b 2/2 Running 0 6m
+kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system etcd-operator-3329263108-f443m 1/1 Running 1 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
@@ -93,9 +98,6 @@ kube-system kube-controller-manager-3271970485-h90v8 1/1 Running 1
kube-system kube-dns-1187388186-zj5dl 3/3 Running 0 6m
kube-system kube-etcd-0000 1/1 Running 0 5m
kube-system kube-etcd-network-checkpointer-crznb 1/1 Running 0 6m
-kube-system kube-flannel-1cs8z 2/2 Running 0 6m
-kube-system kube-flannel-d1l5b 2/2 Running 0 6m
-kube-system kube-flannel-sp9ps 2/2 Running 0 6m
kube-system kube-proxy-117v6 1/1 Running 0 6m
kube-system kube-proxy-9886n 1/1 Running 0 6m
kube-system kube-proxy-njn47 1/1 Running 0 6m
@@ -112,6 +114,10 @@ Typhoon is strict about minimalism, maturity, and scope. These are not in scope:
* Adding every possible option
* Openstack or Mesos platforms
+## Help
+
+Ask questions on the IRC #typhoon channel on [freenode.net](http://freenode.net/).
+
## Background
Typhoon powers the author's cloud and colocation clusters. The project has evolved through operational experience and Kubernetes changes. Typhoon is shared under a free license to allow others to use the work freely and contribute to its upkeep.
diff --git a/docs/faq.md b/docs/faq.md
index 92df7040..f7847e4f 100644
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -1,6 +1,6 @@
# FAQ
-## Terraform?
+## Terraform
Typhoon provides a Terraform Module for each supported operating system and platform. Terraform is considered a *format* detail, much like a Linux distro might provide images in the qcow2 or ISO format. It is a mechanism for sharing Typhoon in a way that works for many users.
@@ -21,9 +21,17 @@ Only Container Linux is supported currently. This just due to operational famili
Fedora Cloud will likely be next.
+## Get Help
+
+Ask questions on the IRC #typhoon channel on [freenode.net](http://freenode.net/).
+
+## Security Issues
+
+If you find security issues, please see [security disclosures](/topics/security).
+
## Maintainers
-Typhoon clusters are Kubernetes configurations the maintainers use in real-world, production clusters.
+Typhoon clusters are Kubernetes clusters the maintainers use in real-world, production clusters.
* Maintainers must personally operate a bare-metal and cloud provider cluster and strive to exercise it in real-world scenarios
diff --git a/docs/index.md b/docs/index.md
index e623e815..6fd018c5 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -87,6 +87,9 @@ List the pods.
```
$ kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
+kube-system calico-node-1cs8z 2/2 Running 0 6m
+kube-system calico-node-d1l5b 2/2 Running 0 6m
+kube-system calico-node-sp9ps 2/2 Running 0 6m
kube-system etcd-operator-3329263108-f443m 1/1 Running 1 6m
kube-system kube-apiserver-zppls 1/1 Running 0 6m
kube-system kube-controller-manager-3271970485-gh9kt 1/1 Running 0 6m
@@ -94,9 +97,6 @@ kube-system kube-controller-manager-3271970485-h90v8 1/1 Running 1
kube-system kube-dns-1187388186-zj5dl 3/3 Running 0 6m
kube-system kube-etcd-0000 1/1 Running 0 5m
kube-system kube-etcd-network-checkpointer-crznb 1/1 Running 0 6m
-kube-system kube-flannel-1cs8z 2/2 Running 0 6m
-kube-system kube-flannel-d1l5b 2/2 Running 0 6m
-kube-system kube-flannel-sp9ps 2/2 Running 0 6m
kube-system kube-proxy-117v6 1/1 Running 0 6m
kube-system kube-proxy-9886n 1/1 Running 0 6m
kube-system kube-proxy-njn47 1/1 Running 0 6m
@@ -105,6 +105,10 @@ kube-system kube-scheduler-3895335239-bzrrt 1/1 Running 1
kube-system pod-checkpointer-l6lrt 1/1 Running 0 6m
```
+## Help
+
+Ask questions on the IRC #typhoon channel on [freenode.net](http://freenode.net/).
+
## Background
Typhoon powers the author's cloud and colocation clusters. The project has evolved through operational experience and Kubernetes changes. Typhoon is shared under a free license to allow others to use the work freely and contribute to its upkeep.
diff --git a/docs/topics/security.md b/docs/topics/security.md
new file mode 100644
index 00000000..47b54459
--- /dev/null
+++ b/docs/topics/security.md
@@ -0,0 +1,12 @@
+# Security
+
+Typhoon aims to be minimal and secure. We're running it ourselves after all.
+
+## OpenPGP
+
+Typhoon uses upstream container images and binaries. We do not currently distribute materials of our own.
+
+## Disclosures
+
+If you find security issues, please see [security disclosures](/topics/security). If the issue lies in upstream Kubernetes, please inform upstream Kubernetes as well.
+
diff --git a/mkdocs.yml b/mkdocs.yml
index f5aabd82..c9932309 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -50,6 +50,8 @@ pages:
- 'Heapster': 'addons/heapster.md'
- 'Dashboard': 'addons/dashboard.md'
- 'CLUO': 'addons/cluo.md'
+ - 'Topics':
+ - 'Security': 'topics/security.md'
- 'FAQ': 'faq.md'
- 'Advanced':
- 'Customization': 'advanced/customization.md'