I know, but now, what controls credentials and instance bootstrapping for that?
It will always be the "not invented here" type of deal. You can always add something else to bootstrap it further. I can't think of a use case where lemur/athenz/other x509 brokers add real value (or convenience) versus a well-defined process and bare-bones things like etcd and such.
Thinking you can bypass the well-defined process step is just an illusion. What most CTOs do is offload that to the few devops handling their abstraction. When that team grows too much, add another layer on top with a smaller team.