Hacker News new | past | comments | ask | show | jobs | submit login

How's this better than kops? https://github.com/kubernetes/kops



Kubeadm gives you a ”core” or bare bones setup which makes it much more flexible in terms of addons and versions etc.

It’s a bit more work though, which is the trade-off, but since the last few versions kubeadm makes it really easy to spin up clusters.

Personally I opt for complete flexibility.


Also Kubeadm has a pretty sane set of default security settings, which some other k8s distributions do not.

Specifically kops (by default) does not enable authentication on the kubelet, meaning any attacker who gets access to one container in your cluster is very likely to be able to compromise the whole thing.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: