Support composition of bootstrapping of kubeadm, cloud-init/ignition/talos/etc... and secrets transport #3761

@randomvariable

User Story

As a Kubernetes distribution developer, I would like to support different bootstrappers to CloudInit as well as ensure Cluster API's secret data is delivered to the instance securely and is not readable by unauthorised persons. I however do not want to re-implement all of kubeadm bootstrap provider, or make big assumptions about what the instance initialisation system is.

Detailed Description

Provide a method by which different parts of a bootstrapping mechanism could be composed together:

  • The part of the bootstrapping process that launches Kubernetes, i.e. kubeadm
  • The machine's bootstrapping system, e.g. Cloud-Init, Cloud-Base, Ignition, Talos
  • The infrastructure provider's mechanism to secure the bootstrap data: AWS Secrets Manager, Azure etc...
  • Something on the machine that is able to download from the secure source

Anything else you would like to add:

[Miscellaneous information that will assist in solving the issue.]

/kind feature

Labels

  • kind/design: Categorizes issue or PR as related to design.
  • kind/feature: Categorizes issue or PR as related to a new feature.
  • lifecycle/frozen: Indicates that an issue or PR should not be auto-closed due to staleness.
