Thanks for the write up on this! I was just thinking about how to start managing our ROCKS clusters with Puppet and ruminating on the cert issues on reimaging. This will make it trivial and (relatively) secure if we only allow traffic from our cluster bastion hosts to modify the certs. Very timely!
Garretth,
Thanks for the write up on this! I was just thinking about how to start managing our ROCKS clusters with Puppet and ruminating on the cert issues on reimaging. This will make it trivial and (relatively) secure if we only allow traffic from our cluster bastion hosts to modify the certs. Very timely!
Thanks!
Andrew