20 min listen
cert-manager, with James Munnelly
ratings:
Length:
41 minutes
Released:
Oct 15, 2019
Format:
Podcast episode
Description
cert-manager is a certificate management toolkit for Kubernetes, commonly used to get TLS certificates from Let’s Encrypt. Project founder James Munnelly of Jetstack joins hosts Craig and Adam to explain how how certificates are issued and managed, and how cert-manager automates it all.
Do you have something cool to share? Some questions? Let us know:
web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod
Chatter of the week
Fast food-themed entertainment:
Wendy’s Feast of Legends role-playing game
KFC dating simulator
Burger King Games
M.C. Kids
Taco Bell’s Tasty Temple Challenge
The McDonalds board game
KFC virtual escape room training
Soda-themed entertainment:
Cool Spot
Pepsi Invaders
Mad Mix: The Pepsi Challenge
Stranger Things 3: The Game
News of the week
Rancher 2.3 released
Episode 57, with Darren Shepherd
Windows container support and Rancher 2.3
Amazon EKS now has Windows containers generally available
Episode 70, with Patrick Lang
New on DigitalOcean Kubernetes Service: cluster autoscaling
Elastic Cloud on Kubernetes v1.0.0-beta1 released
MuleSoft releases AnyPoint Service Mesh
Container Journal interview
Linkerd 2.6
A guide to distributed tracing with Linkerd
Trackman, open source step-workflow tool from Cloud 66
Puppet announces public beta of Project Nebula
KubeCon NA 2019 contributor summit schedule announced
Kubernetes patterns for capacity planning by Mohamed Ahmed
How Booz Allen Hamilton is helping modernize the Federal Government with Kubernetes
Flant.com compares 11 ingress controllers for Kubernetes
How Zalando manages over 140 Kubernetes clusters by Henning Jacobs
Cluster API Simplifies Execution and Powers Projet Pacific at VMware
Grant Shipley moves from Red Hat/IBM to VMware
Kubernetes Wild West video game
SUSE moves on from OpenStack and doubles down on Kubernetes
SAP to make HANA database available on Kubernetes
Links from the interview
Jetstack
The two Matts: founders Matt Bates and Matt Barker
James’s Jetstack bio
cert-manager
Docs
Co-evolved with kube-lego by Christian Simon
How TLS encryption works:
x509 for public key certificates
Chains of trust
Certificate authorities and root certificates
Episode 60, with Mark Shuttleworth, founder of Thawte
LetsEncrypt
How it works
ACME protocol
HTTP-01 and DNS-01 validation
cert-manager concepts:
Issuers and Certificates
Self-signing issuers
Kubernetes and webhooks:
Validating webhooks require TLS
Kubebuilder supports cert-manager
Chicken-and-egg problem for validating webhooks
Conversion webhooks
Mirror/static pods
Kubernetes ingress quick-start tutorial
Different solver types
The ingress-shim controller
Other issuer options:
Vault, internal CA, CertificateRequests
Lets Encrypt is blocking old cert-manager versions
Edge cases where retry looping would start
v0.11 release notes
Upgrading to v0.11
Getting involved:
cert-manager and cert-manager-dev Slack channel
Bi-weekly community call
cert-manager on GitHub
James Munnelly on Twitter
Do you have something cool to share? Some questions? Let us know:
web: kubernetespodcast.com
mail: kubernetespodcast@google.com
twitter: @kubernetespod
Chatter of the week
Fast food-themed entertainment:
Wendy’s Feast of Legends role-playing game
KFC dating simulator
Burger King Games
M.C. Kids
Taco Bell’s Tasty Temple Challenge
The McDonalds board game
KFC virtual escape room training
Soda-themed entertainment:
Cool Spot
Pepsi Invaders
Mad Mix: The Pepsi Challenge
Stranger Things 3: The Game
News of the week
Rancher 2.3 released
Episode 57, with Darren Shepherd
Windows container support and Rancher 2.3
Amazon EKS now has Windows containers generally available
Episode 70, with Patrick Lang
New on DigitalOcean Kubernetes Service: cluster autoscaling
Elastic Cloud on Kubernetes v1.0.0-beta1 released
MuleSoft releases AnyPoint Service Mesh
Container Journal interview
Linkerd 2.6
A guide to distributed tracing with Linkerd
Trackman, open source step-workflow tool from Cloud 66
Puppet announces public beta of Project Nebula
KubeCon NA 2019 contributor summit schedule announced
Kubernetes patterns for capacity planning by Mohamed Ahmed
How Booz Allen Hamilton is helping modernize the Federal Government with Kubernetes
Flant.com compares 11 ingress controllers for Kubernetes
How Zalando manages over 140 Kubernetes clusters by Henning Jacobs
Cluster API Simplifies Execution and Powers Projet Pacific at VMware
Grant Shipley moves from Red Hat/IBM to VMware
Kubernetes Wild West video game
SUSE moves on from OpenStack and doubles down on Kubernetes
SAP to make HANA database available on Kubernetes
Links from the interview
Jetstack
The two Matts: founders Matt Bates and Matt Barker
James’s Jetstack bio
cert-manager
Docs
Co-evolved with kube-lego by Christian Simon
How TLS encryption works:
x509 for public key certificates
Chains of trust
Certificate authorities and root certificates
Episode 60, with Mark Shuttleworth, founder of Thawte
LetsEncrypt
How it works
ACME protocol
HTTP-01 and DNS-01 validation
cert-manager concepts:
Issuers and Certificates
Self-signing issuers
Kubernetes and webhooks:
Validating webhooks require TLS
Kubebuilder supports cert-manager
Chicken-and-egg problem for validating webhooks
Conversion webhooks
Mirror/static pods
Kubernetes ingress quick-start tutorial
Different solver types
The ingress-shim controller
Other issuer options:
Vault, internal CA, CertificateRequests
Lets Encrypt is blocking old cert-manager versions
Edge cases where retry looping would start
v0.11 release notes
Upgrading to v0.11
Getting involved:
cert-manager and cert-manager-dev Slack channel
Bi-weekly community call
cert-manager on GitHub
James Munnelly on Twitter
Released:
Oct 15, 2019
Format:
Podcast episode
Titles in the series (100)
Kubernetes Community, with Paris Pittman: A chat with Paris Pittman, Kubernetes community manager by Kubernetes Podcast from Google