Re: Self-service tooling requires fine-grained authz -- it's NOT about the application protocol (was Re: (internal) DNS dysfunction is enterprise settings)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tony Finch <dot@xxxxxxxx> wrote:
    >> If someone says "let's put this config data in DNS" and someone responds
    >> "DNS is too difficult to manage", the answer isn't necessarily "let's
    >> invent a new protocol".

    > This is outside the areas I am familiar with, but there's some really
    > interesting DNS stuff going on in the Kubernetes world, for dynamic
    > service discovery. But I get the impression they are using DNS for
    > compatibility with existing software, not because they care about
    > connecting their container cluster to a global namespace.

Yes, but it's terribly *IPv4* NAT44-everything-you-can centric.
It's nice that docker and kubernetes have made themselves IPAMs, but it turns
out that turning that off is actually rather difficult.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        |    IoT architect   [
]     mcr@xxxxxxxxxxxx  http://www.sandelman.ca/        |   ruby on rails    [

Attachment: signature.asc
Description: PGP signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux