slackhq
Feature request: Support for AWS spot fleets
I'm working on a FOSS IAC project to allow artists to render in AWS spot fleets. I can't see anyway to use nebula in this scenario where nodes spin up and dynamically join the Nebula cluster.
Paying for an extra software service isn't really an option like on defined.net. I really hope that ability isn't going to be forever limited by a paywall. It would be good to see some kind of strategy to solve this. I'm sure there are a number of ways to do it:
Only Idea I had so far was for nebula-cert to stick to standard shell commands (or vault supported SSL algorithms) to generate certs so that we can use Hashicorp Vault to produce the certificate instead of nebula. This way nodes by virtue of their IAM profile could automatically authenticate and become a part of the nebula cluster. Another strategy could be providing a cloudformation template to configure Lambda to run nebula-cert in serverless. Now that would be cool. All you'd need is an AWS key to request a cert anywhere with outbound internet access. That's something I might start researching, but it might take me a while to get there.
