kubespray-ha-configuration

This is a legitimate, operational Kubespray high-availability configuration and troubleshooting guide. It contains sensitive administrative operations (SSH, systemctl, certificate regeneration, access to TLS keys) and privileged configuration examples that are expected for cluster operators. There are no signs of malicious behavior, credential exfiltration to third-party endpoints, download-execute supply-chain vectors, or obfuscated code. Security concerns are standard operational risks: (1) ensure admin credentials and TLS keys referenced in examples are handled securely, (2) prefer image digests over floating tags for static pod images if strict supply-chain integrity is required, and (3) treat the provided destructive commands (stopping kubelet/etcd/haproxy, iptables drops) as potentially disruptive and only run them in controlled test environments.