If you are planning to run a CoreOS cluster in a network environment outside of your control, such as within a shared datacenter or across the public internet, you may have noticed that
etcdcommunicates by making unencrypted HTTP requests. It’s possible to mitigate the risks of that behavior by configuring an IPTables firewall on each node in the cluster, but a complete solution would ideally use an encrypted transport layer.
etcdsupports peer-to-peer TLS/SSL connections, so that each member of a cluster is authenticated and all communication is encrypted. In this guide, we’ll begin by provisioning a simple cluster with three members, then configure HTTPS endpoints and a basic firewall on each machine.
Have an amazing project to share? Join the SHOW-AND-TELL every Wednesday night at 7:30pm ET on Google+ Hangouts.
Join us every Wednesday night at 8pm ET for Ask an Engineer!
Learn resistor values with Mho’s Resistance or get the best electronics calculator for engineers “Circuit Playground” – Adafruit’s Apps!
Maker Business — Undercover in an iPhone Factory (video)
Wearables — Go with silicone
Electronics — Shift away from basic arithmetic
Biohacking — Bunnies Book “The Hardware Hacker” Applies to Biohackers
No comments yet.
Sorry, the comment form is closed at this time.