
Show HN: KCluster – Hosted Kubernetes Service on AWS - kcluster
https://kcluster.io
======
marcc
I'm intrigued. Using Kubernetes on GKE is just so easy, it's hard to put the
work into running it on EC2. If you can match the ease-of-setup, it would be
amazing. I signed up, and tried to deploy a cluster, but had some challenges
that stopped me:

1\. During signup, I have no idea what AccountName means, and it took me more
than a few time times to make your form not say "You must match the required
format". As it turns out, all lowercase seemed to have worked.

2\. I'd recommend dropping the signup form and use GitHub and Google OAuth.
Check out Auth0.

3\. When I went to turn on a cluster, you ask for an AWS Access Key and
Secret. It's obvious that you need these, but you are asking for some pretty
big permissions: ec2: _, cloudformation:_ , and more. I'm not going to give
you an AccessKey and SecretKey because you don't have anything on your docs
about how you store and protect these.

4\. Why would you charge me a per-hour fee based on the # of nodes when it's
running in my own AWS account? Your software was involved in installing (and I
assume upgrading) the k8s cluster, but are you also providing any management
tools on top of it? Help me understand the full lifecycle and value you
continue to bring. Currently, I can't tell if you plan to charge me $1 per
node per month, or $10, or even $100.

In the end, I didn't spin up a cluster because I didn't set up a new AWS
account that I can sandbox everything in. I should do that and give it a try
though. Keep working on this, I like the idea, and it's definitely early for
you!

~~~
kcluster
Thanks for your feedback and interest.

1\. We'll improve the help text to be more specific about what we'd expect for
that field.

2\. The reason we didn't implement OAuth is that we want user to be able to
use the same email address in multiple accounts, so the account + email
identifies the user not just the email address.

3\. We are planning to use cross account IAM role instead of asking access
key/ secret key. Will this address your concerns?

4\. We are not just provision k8s cluster in your AWS account, k8s nodes will
be running in your AWS account and we'll host the master components like etcd,
api servers, controller managers and schedulers for you. Those components will
be running in our AWS account, the more node you connect to the master, the
more resource we need. So we charge based on the number of nodes in the
cluster. This is similar to the GKE (not GCE) offering where you only run k8s
nodes in your account not the masters.

~~~
marcc
AccountName + Email + Password to allow your users to have multiple accounts
is an unusual and slightly confusing design. So, in your plan, I would have to
log out and can log back in using a different AccountName (but the same
email)?

Why not just design the user model so that 1 account can be on multiple teams?
That seems more manageable and expected from the user's view?

~~~
derricgilling
We used Auth0 for our own site Moesif to implement a muti tenant system where
each user can have access to multiple accounts. Pretty easy to set up and
Auth0 provides a lot of extra stuff, password reset, admin panel for non devs,
transactional emails, etc.

------
kcluster
We've now switched to use Auth0 as our login system and added support for
Google and GitHub OAuth login

~~~
marcc
Awesome. Signing up again to try it!

