Ariadne Conill 🐰
definitely not going to remind people that kubelet defaults to full access including remote execution to anonymous users and that shodan has hundreds of kubelet hits (query "kubelet port:10250") on it, no sir
this type of arrogance (creating orchestration software with basically ZERO security considerations, because "who would ever run their control plane exposed to the Internet?") is what i started edera to fix, and we will eventually fix this problem too
cloud native is a layer cake, i am just asking for a layer cake that is actually delicious and not made of poison
Arch 
@ariadne i'm going to go bury my servers in the backyard. can't hack my cloud when it's... not
it's always upsetting when I realise how many of these things are just out in the open, it's so easy to lock down with some firewall rules. but then, I guess most of these are on a managed service or something?