public/geek-cookbook
1
0
Fork 0
mirror of https://github.com/funkypenguin/geek-cookbook/ synced 2025-12-13 01:36:23 +00:00
Code Issues Releases Wiki Activity

Design / speed tweaks

Browse Source 
* Test updating CTA, using insiders version of mkdocs-material

* Dark mode, baby!

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* What will netlify do if I remove requirements.txt?

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* What will netlify do if I remove requirements.txt?

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Only build the insiders version

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Remove some broken links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Fix dead link

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Remove twitter embed

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Fix dead links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Mooar dead links

Signed-off-by: David Young <davidy@funkypenguin.co.nz>

* Final dead link

Signed-off-by: David Young <davidy@funkypenguin.co.nz>
This commit is contained in:
David Young
2021-01-09 13:56:48 +13:00
committed by GitHub
parent 3cc7548e24
commit 745dc26946
35 changed files with 86 additions and 634 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
manuscript/ha-docker-swarm/shared-storage-ceph.md
View File

@@ -145,7 +145,7 @@ It's now necessary to tranfer the following files to your ==other== nodes, so th
Back on the ==master== node, run `ceph orch host add <node-name>` once for each other node you want to join to the cluster. You can validate the results by running `ceph orch host ls`
!!! question "Should we be concerned about giving cephadm using root access over SSH?"
Not really. Docker is inherently insecure at the host-level anyway (*think what would happen if you launched a global-mode stack with a malicious container image which mounted `/root/.ssh`*), so worrying about cephadm seems a little barn-door-after-horses-bolted. If you take host-level security seriously, consider switching to [Kubernetes](/kubernetes/start/) :)
Not really. Docker is inherently insecure at the host-level anyway (*think what would happen if you launched a global-mode stack with a malicious container image which mounted `/root/.ssh`*), so worrying about cephadm seems a little barn-door-after-horses-bolted. If you take host-level security seriously, consider switching to [Kubernetes](/kubernetes/) :)
### Add OSDs