diff --git a/content/posts/11-a-beautiful-gitops-day-1/index.md b/content/posts/11-a-beautiful-gitops-day-1/index.md index d36cb0e..0905e48 100644 --- a/content/posts/11-a-beautiful-gitops-day-1/index.md +++ b/content/posts/11-a-beautiful-gitops-day-1/index.md @@ -87,6 +87,7 @@ Here are the pros and cons of each module: | **Upgrade** | You may need to follow new versions regularly | As a simple starter-kit, no need to support all community problems, so very few updates | | **Quality** | Use many hacks to satisfy all community needs, plenty of remote-exec and file provisioner which is not recommended by HashiCorp themselves | Use standard **cloud-config** for initial provisioning, then **Salt** for cluster OS management | | **Security** | Needs an SSH private key because of local provisioners, and SSH port opened to every node | Require only public SSH key, minimized opened SSH ports to only controllers, use SSH jump from a controller to access any internal worker node | +| **Bastion** | No real bastion support | Dedicated bastion host support with preinstalled WireGuard VPN, ideal for internal access to critical services like Kube API, longhorn, etc. | | **Reusability** | Vendor locked to Hetzner Cloud | Easy to adapt for a different cloud provider as long as it supports **cloud-config** (as 99% of them) | So for resume, choose Kube Hetzner module if: diff --git a/themes/congo b/themes/congo index f966f13..110bc34 160000 --- a/themes/congo +++ b/themes/congo @@ -1 +1 @@ -Subproject commit f966f13eb727d5d5f8fc90fb8805cd4021dbda9f +Subproject commit 110bc3414f033cff6cd54fa36a79befe8e0d6584