Thanks Matthias! I settled on the latter mostly because it makes reinstalling the apiserver > nodes (where configuration changes more frequently) easier by not having to > deal with etcd cluster membership at the same time. >
So you will have to reinstall the whole apiserver node frequently (i.e., all the daemons will be down)? But I think if you need to reconfigure apiserver, you can just restart apiserver daemon and leave etcd in the same node as it is, right? The main benefit of only using localhost is that you can forego > authentication on the client port when not exposing it over the network, > this saves you from teaching kube-apiserver about it. On the other hand, > this has gotten easier in Kubernetes 1.2. > Can you please elaborate this benefit a bit more? How can I forgo authentication on the client port when not exposing it over the network if apiserver and etcd are running in the same node? What if apiserver and etcd are running separately? -- You received this message because you are subscribed to the Google Groups "Containers at Google" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-containers. For more options, visit https://groups.google.com/d/optout.
