If you are planning to run a CoreOS cluster in a network environment outside of your control, such as within a shared datacenter or across the public internet, you may have noticed that
etcdcommunicates by making unencrypted HTTP requests. It’s possible to mitigate the risks of that behavior by configuring an IPTables firewall on each node in the cluster, but a complete solution would ideally use an encrypted transport layer.
etcdsupports peer-to-peer TLS/SSL connections, so that each member of a cluster is authenticated and all communication is encrypted. In this guide, we’ll begin by provisioning a simple cluster with three members, then configure HTTPS endpoints and a basic firewall on each machine.
Join us every Wednesday night at 8pm ET for Ask an Engineer!
Maker Business — Transforming Today’s Bad Jobs into Tomorrow’s Good Jobs
Wearables — Snap a picture
Electronics — To Y5V or not to Y5V?
Biohacking — Ticks are Spreading an Allergy to Meat
No comments yet.
Sorry, the comment form is closed at this time.