bzub
bzub
Similar to the current ca_* variables for existing k8s-tls assets. To connect to a pre-existing etcd server specified with `var.etcd_servers`. Variables: - `bootkube render --etcd-ca-path` -> `var.etcd_ca` - `bootkube render...
https://kubernetes.io/docs/tasks/run-application/configure-pdb/
- [ ] Create an issue with Talos to somehow skip Talos management of `/etc/resolv.conf`. - [ ] Need to figure out if there's a workaround to keep kubernetes managed...
We want to minimize impact if a host cluster node goes down.
We could: - Make talos pods [Guaranteed](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed). - Set resource limits/requests such that it would reserve static CPUs if the host [cluster has this enabled](https://kubernetes.io/docs/tasks/administer-cluster/cpu-management-policies/#static-policy). - Use kubelet `reserved` [flags](https://kubernetes.io/docs/tasks/administer-cluster/reserve-compute-resources/).
If you're interested in this feature I've got a script in [my Dockerfile](https://gitlab.com/bzub/caddy-builder/blob/master/Dockerfile) that builds an arbitrary list of plugins into Caddy. It could use more testing so I thought...
As seen in the official [configuration document](https://github.com/coreos/ignition/blob/master/doc/configuration-v2_1.md). This would allow users to specify a user/group name.
Things will probably break if users change resource names (like with prefix/suffix transformers). We should test this scenario and support it. One thing we might need users to do or...
Health probes right now are just TCP checks on the Talos API port (`50000`). It would be nice if we could actually check the health of the kubernetes API for...