Page 6: Generating the Data Encryption Config and Key
FreeBSD’s Base64 tool differs from Linux’s, so we need to use
ENCRYPTION_KEY=$(head -c 32 /dev/urandom | b64encode -r -)
at the beginning. The config file generation is the same, but we need to use our scp -i ~cbsd/.ssh/id_rsa
command instead of gcloud
‘s to copy the file to the controllers.
What a fantastic and interesting job you’ve done! I will definitely try!
Question – as far as I understand, you are not using any K8S CNI ( calico, flannel, … ). How your cluster works with multiple nodes ( ip address for pod, connectivity ? )
LikeLike
It is actually using a CNI plugin (https://github.com/containernetworking/plugins) although it just creates a basic bridge for the container network. Most CNI plugins should work fine on this cluster, which does actually have three worker nodes, and I’ve tested pod connectivity between nodes. A simple test for full CNI functionality would be to install Calico and test a NetworkPolicy.
LikeLike