Slide 26
Slide 26 text
When to Opt for Custom Deployment?
- Responsibility of maintaining the clusters lies solely with the customer
- Master symmetric keys need to be manually rotated
https://www.twistlock.com/2017/08/02/kubernetes-secrets-encryption/
- Etcd isolation & TLS configuration
https://coreos.com/etcd/docs/latest/op-guide/security.html
- Node bootstrapping & TLS configuration
https://medium.com/@toddrosner/kubernetes-tls-bootstrapping-cf203776abc7
- Trade-offs
- Bleeding edge
- Choice (Machine Configuration, Operating Systems, Storage Backends, Network Plugins and HA configuration)