definitely not going to remind people that kubelet defaults to full access including remote execution to anonymous users and that shodan has hundreds of kubelet hits (query "kubelet port:10250") on it, no sir
this type of arrogance (creating orchestration software with basically ZERO security considerations, because "who would ever run their control plane exposed to the Internet?") is what i started edera to fix, and we will eventually fix this problem too
cloud native is a layer cake, i am just asking for a layer cake that is actually delicious and not made of poison
@ariadne The #cloud is the poison!
@kkarhan well, really "cloud native" has nothing to do with clouds, it is just about containers in general

@ariadne the inflationary use of #cloud, #containers, #memenetes aka. #kubernetes etc. very, very rarely merits itself and more often than not only exists as a means to funnel money to some big corporation...

https://www.youtube.com/watch?v=ZzI9JE0i6Lc

@kkarhan @ariadne Honestly I use Kubernetes bc it gives me a lot of what I need out of the box. There is a well documented happy path & a large pipeline of engineers who understand it. This is in contrast to cobbling together my own system from disparate tools that have their own distinct conventions & configuration syntaxes & so on. I’ve never really been in an organization that has done that successfully, esp not where dev teams can operate their own systems.
@kkarhan @ariadne The scalability and reliability are mostly just gravy. Even if I were to go back to managing my own hosts, I would probably still run containers in them (via compose) just because it’s so much less painful and more standard to build docker containers.