bfe0c74793
* System components that require certificates signed by the cluster CA can submit a CSR to the apiserver, have an administrator inspect and approve it, and be issued a certificate * Configure kube-controller-manager to sign Approved CSR's using the cluster CA private key * Admins are responsible for approving or denying CSRs, otherwise, no certificate is issued. Read the Kubernetes docs carefully and verify the entity making the request and the authorization level * https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster |
||
|---|---|---|
| .. | ||
| cloudinit | ||
| workers | ||
| LICENSE | ||
| README.md | ||
| ami.tf | ||
| bootkube.tf | ||
| controllers.tf | ||
| network.tf | ||
| nlb.tf | ||
| outputs.tf | ||
| require.tf | ||
| security.tf | ||
| ssh.tf | ||
| variables.tf | ||
| workers.tf | ||
README.md
Typhoon 
Typhoon is a minimal and free Kubernetes distribution.
- Minimal, stable base Kubernetes distribution
- Declarative infrastructure and configuration
- Free (freedom and cost) and privacy-respecting
- Practical for labs, datacenters, and clouds
Typhoon distributes upstream Kubernetes, architectural conventions, and cluster addons, much like a GNU/Linux distribution provides the Linux kernel and userspace components.
Features 
- Kubernetes v1.13.1 (upstream, via kubernetes-incubator/bootkube)
- Single or multi-master, Calico or flannel networking
- On-cluster etcd with TLS, RBAC-enabled, network policy
- Advanced features like worker pools and spot workers
- Ready for Ingress, Prometheus, Grafana, and other optional addons
Docs
Please see the official docs and the AWS tutorial.