bfe0c74793
* System components that require certificates signed by the cluster CA can submit a CSR to the apiserver, have an administrator inspect and approve it, and be issued a certificate * Configure kube-controller-manager to sign Approved CSR's using the cluster CA private key * Admins are responsible for approving or denying CSRs, otherwise, no certificate is issued. Read the Kubernetes docs carefully and verify the entity making the request and the authorization level * https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster |
||
|---|---|---|
| .. | ||
| cl | ||
| LICENSE | ||
| README.md | ||
| bootkube.tf | ||
| groups.tf | ||
| outputs.tf | ||
| profiles.tf | ||
| require.tf | ||
| ssh.tf | ||
| variables.tf | ||
README.md
Typhoon 
Typhoon is a minimal and free Kubernetes distribution.
- Minimal, stable base Kubernetes distribution
- Declarative infrastructure and configuration
- Free (freedom and cost) and privacy-respecting
- Practical for labs, datacenters, and clouds
Typhoon distributes upstream Kubernetes, architectural conventions, and cluster addons, much like a GNU/Linux distribution provides the Linux kernel and userspace components.
Features 
- Kubernetes v1.13.1 (upstream, via kubernetes-incubator/bootkube)
- Single or multi-master, Calico or flannel networking
- On-cluster etcd with TLS, RBAC-enabled, network policy
- Advanced features like snippets customization
- Ready for Ingress, Prometheus, Grafana, and other optional addons
Docs
Please see the official docs and the bare-metal tutorial.