I'm using TLS on etcd 3.3.12 and have a mix of etcd proxies and masters. The proxies don't seem to honour the --cipher-suites setting, as it ends up with ECDHE-RSA-AES256-GCM-SHA384 despite --cipher-suites=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 being set.

$ pgrep -laf /usr/bin/etcd
21968 /usr/bin/etcd --listen-client-urls https://0.0.0.0:4000 --adv

Do you want to request a feature or report a bug?

Documentation improvement

In digestAuth documentation, Kubernetes section does not contain any useful example explaining how to put credentials into a file. The given example is same as users(using base

Is this a bug report or feature request?

• Feature Request

What should the feature do:
We have per node configuration for selecting device, but no wal/db device selection. We can add configuration for what device will be used for wal/db device.

// current
    nodes:
    - name: "mynode"
      devices:
      - name: "sdb"

// fix to
    nodes:
    - name: "mynode"

Casbin is an open-source project. We need more developer help to make Casbin even more awesome.

things to do

• Development environment
• Contribution Workflow
• Testing

通过了CSR认证，却没有获取到nodes的信息

[root@k8s-01 ssl]# kubectl get csr
NAME AGE REQUESTOR CONDITION
csr-b0gpz 6m kubelet-bootstrap Pending
csr-swnf0 27m kubelet-bootstrap Pending
[root@k8s-01 ssl]# kubectl certificate approve csr-b0gpz csr-swnf0
certificatesigningrequest "csr-b0gpz" approved
certificatesigningrequest "csr-swnf0" approved
[root@k8s-01 ssl]

https://github.com/gjmzj/kubeasz/blob/master/docs/guide/ingress-tls.md#4%E5%88%9B%E5%BB%BA-https-ingress-%E4%BE%8B%E5%AD%90

# 创建https ingress
$ kubectl apply -f /etc/ansible/manifests/ingress/traefik/tls/hello-tls.ing.yaml
# 注意根据hello示例，需要在default命名空间创建对应的secret: traefik-cert
$ kubectl create secret tls traefik-cert --key=tls.key --cert=tls.crt

1. 不执行 hello-tls.ing.yaml ，nginx的https

Hey!
Not a big problem of course but currently when you do "pip install patroni" you still need to go to Github and save a copy of for https://github.com/zalando/patroni/blob/master/postgres0.yml to get started. I know there are env variables but there are quite some to remember. So would be very convenient if running something like "patroni --initconf postgres0.yml" would fill the postgres0.yml

What would you like to be added:

For security reasons, I do not want to connect to consul using the domain socket.

The following is not working as I expect it to be:
"stolon-sentinel --store-backend=consul --store-endpoints unix:///var/run/consul/consul_http.sock"

I am getting the next error:

2020-03-05T20:46:32.998Z FATAL cmd/sentinel.go:1985 cannot create sentinel: c

Is your feature request related to a problem? Please describe.
I got few migrations each referring a different connection. migrate:fresh, migrate:refresh doesn't handle this scenario since they operate on the default connection or in the specific connection passed via --database param.

Describe the solution you'd like
The simplest solution can be to process only migrations that has th

Basically we're in the DAG, so make sure we've let all the other resources (like files) get built (that might be used for the file server) before the server sends anything out. We could either block or just not return anything yet.

As an aside, does the rf.ReadFrom bit not get cancelled properly on close??

I am looking for examples for defining ingress resources for skipper.
Beside the following documentation, where can I get more examples?

For instance, how would you create ingress resources for the following routes:
path1: * -> "https://www.example.org";
path2: Path("/home") -> "https://www.google.com";
dynamicPath1: Path

Hi there! I wanted to propose adding the following badge to the README to indicate how many TODO comments are in this codebase:

The badge links to tickgit.com which is a free service that indexes and displays TODO comments in public gith

Of the learning environments that leverage Ansible, very few are using roles. This can make porting Ansible playbooks across learning environments more difficult. To fix this, Ansible-using learning environments need to be refactored (where possible) to use an Ansible role.

There are some procfiles that do this now, but they're not even very good for local development. Possible solution would be /hacks/ full of Dockerfile setups and some documentation around it.

Maybe I missed it but etcdadm just told me to

INFO[0005] To add another member to the cluster, copy the CA cert/key to its certificate dir and run: 
INFO[0005] 	etcdadm join https://10.0.0.19:2379 

But I didn't see any commands that would help me achieve this task. It might be nice to have a command to tar up the certs or at least provide me with some bash i can copy paste.

It would be nice if reshifter provided the ability to specify a prefix within the S3 bucket under which the backups should be written. Right now reshifter S3 backups just upload the zip to the S3 bucket root.