Drew Boswell

icon location SRE | ∅Trust | GitOps | K8S

Results 8 comments of Drew Boswell

Add support for running the controller with replicas>1

When you have thousands of secrets that need to be decrypted the inability to scale becomes quite a problem. Has any work been done to run multiple sealed-secret instances, with...

Decrypt performance: add workload sharding for replicas > 1

My impression is that kubeseal does things one-by-one, which is fine as long as the balance of updates vs number of secrets stays ok. But even in the 500-1000 sealed-secrets...

Decrypt performance: add workload sharding for replicas > 1

> > > This would be nice to have indeed. How would each replica know who it is? > > (I wanted to avoid StatefulSets due to bugs like [kubernetes/kubernetes#67250](https://github.com/kubernetes/kubernetes/issues/67250)...

Decrypt performance: add workload sharding for replicas > 1

Any news on the backlog status? This is still as relevant as ever

React to deleted secrets by re-creating them

I also use ArgoCD, but it doesn't really make a difference what GitOps tool, if any at all we use. It is still a "surprising" behaviour that you need to...

React to deleted secrets by re-creating them

The mechanism that populates the work/decrypt queue could be changed to verify the existence of a secret before generating it. This would cover a few scenarios including faster reboots (only...

alertmanager-config.yaml file for pagerduty_configs.details does not respect EventApi v2 spec

This is a recurring nightmare for us too

Decrypt performance: add workload sharding for replicas > 1

this is still relevant