bfe0c74793
* System components that require certificates signed by the cluster CA can submit a CSR to the apiserver, have an administrator inspect and approve it, and be issued a certificate * Configure kube-controller-manager to sign Approved CSR's using the cluster CA private key * Admins are responsible for approving or denying CSRs, otherwise, no certificate is issued. Read the Kubernetes docs carefully and verify the entity making the request and the authorization level * https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster |
||
---|---|---|
.. | ||
cl | ||
workers | ||
LICENSE | ||
README.md | ||
apiserver.tf | ||
bootkube.tf | ||
controllers.tf | ||
ingress.tf | ||
network.tf | ||
outputs.tf | ||
require.tf | ||
ssh.tf | ||
variables.tf | ||
workers.tf |
README.md
Typhoon
Typhoon is a minimal and free Kubernetes distribution.
- Minimal, stable base Kubernetes distribution
- Declarative infrastructure and configuration
- Free (freedom and cost) and privacy-respecting
- Practical for labs, datacenters, and clouds
Typhoon distributes upstream Kubernetes, architectural conventions, and cluster addons, much like a GNU/Linux distribution provides the Linux kernel and userspace components.
Features
- Kubernetes v1.13.1 (upstream, via kubernetes-incubator/bootkube)
- Single or multi-master, Calico or flannel networking
- On-cluster etcd with TLS, RBAC-enabled, network policy
- Advanced features like worker pools, preemptible workers, and snippets customization
- Ready for Ingress, Prometheus, Grafana, and other optional addons
Docs
Please see the official docs and the Google Cloud tutorial.