caos / orbos Goto Github PK
View Code? Open in Web Editor NEWORBOS - GitOps everything
License: Apache License 2.0
ORBOS - GitOps everything
License: Apache License 2.0
myorbmycluster_kubeconfig:
encoding: Base64
encryption: AES256
value: xyz
myorbmyclustermyprovider_bootstrapkey:
encoding: Base64
encryption: AES256
value: xyz
myorbmyclustermyprovider_maintenancekey:
encoding: Base64
encryption: AES256
value: xyz
myorbmyclustermyprovider_maintenancekey_pub:
encoding: Base64
encryption: AES256
value: xyz
becomes:
kind: orbiter.caos.ch/Secrets
version: v0
spec:
myorb:
mycluster:
kubeconfig:
encoding: Base64
encryption: AES256
value: xyz
myprovider:
bootstrapkey:
encoding: Base64
encryption: AES256
value: xyz
maintenancekey:
encoding: Base64
encryption: AES256
value: xyz
maintenancekey_pub:
encoding: Base64
encryption: AES256
value: xyz
=> ubiquitous language
Upgrade from helm v2 to helm v3, for the aspects of using it tillerless and having the positive aspects of rollbacks per release.
The state should then be persistently managed in a git repository.
yum install kubelet=1.16.4 does not overwrite installed package kubelet=1.17.0
we should provide a dashboard for calico in the first place
I think it would be best to remediate as much as possible in an automated manor.
So we could run something like kube-bench in our test pipeline and then remediate most of the issues.
Target should be that the kubeadm
deployment is hardened automatically without a lot of customization from customers.
@thesephirot @eliobischof @stebenz inputs?
We should also collect log files of k8s
and our tooling
@eliobischof additional inputs?
Orbiter removes the cordon
flag from a specific node in each iteration.
IMHO this should not behave like this ๐
to ease the download of a kubeconfig, orbctl shall have the option to list the secrets in its config.
In our testcluster orbiter should apply boom
0.9.13
as defined in the orbiter.yml.
However we still have 0.9.10
which was the last version applied.
This might be the root cause for caos/boom#48
Side note this does not affect orbiter
version 0.12.2
(quickwin)
ambassador
cert-manager
argo
(the long run)
orbiter
boom
To better support boom, we should cache and security scan the used images and substitute them.
AWS can be used as Static Provider to test static implementations @ customer sites.
In addition we will implement full AWS functionality.
I think we can split test
and release & push
from each other
Add comments to API structs so that crd definition has descriptions
Sometimes when setting up a 3 node master cluster, the third node does not have the proper role master
applied in kubectl get nodes. Also the taints are missing.
@eliobischof a customer project
is related to this.
To make cluster lifecycle easy we should implement a destroy flag and change the behaviour off takeoff.
This relates to a customer issue.
https://www.getambassador.io/reference/core/ambassador/
This links to #18
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.