Kubernetes HTTPS with cert-manager and Let's Encrypt
Vložit
- čas přidán 16. 05. 2024
- #kubernetes #https
In the video, I cover the entire working of the HTTPS working, from its basics to obtaining certificates from Let's Encrypt. I discuss the complete process, starting with a scenario where there is no HTTPS and then moving on to the steps involved in getting HTTPS certificates. Additionally, I use two examples related to Kubernetes, one involving self-signed certificates and the other illustrating how cert-manager can be used for a more efficient approach.
Git repo - github.com/saiyam1814/kube-certs
Timestamps
00:00 Introduction
01:00 How https works with key/lock example
03:20 How does https connection request look like
04:48 What is certificate authority?
05:11 How to use certbot to generate certificate from https
10:48 self signed certificate Demo
16:08 cert-manager and let's encrypt Demo
21:55 Summary
Thank you to all the members for supporting the channel:
Komodor(Org Member) - hubs.ly/Q018ptnS0
Avesha(Org Member) - avesha.io/
Instruqt(Org member) - bit.ly/3SlTrpC
Sysdig(Org Member) - sysdig.com/
SlimAI(PlatinumMember)- slim.ai/
►►►Connect with me ►►►
► Kubesimplify: kubesimplify.com/newsletter
► Newsletter: saiyampathak.com/newsletter
► Discord: saiyampathak.com/discord
► Twitch: saiyampathak.com/twitch
► CZcams: saiyampathak.com/youtube.com
► GitHub: github.com/saiyam1814
► LinkedIn: / saiyampathak
► Website: / saiyampathak
► Instagram: / saiyampathak
► / saiyampathak
Thank you for sharing this content! Just one remark: at minute 4:50, the client and server are using symmetric key to encrypt and decrypt data. The initial asymmetric encryption is used just for making sure that the symmetric key ends up securely on both the client and the server.
This is such an amazing explanation of HTTPS.
Thanks for your efforts..! But what will happen if we dont use cert manager annotation in ingress ?
This is great. Thank you! 👍🏼
thank you saiyam pathak of you and you github repo i was able to resolve the ssl issue i was stuck in and was working on it for 2 days thank you so much bro
Glad it helped :)
thanks for explaining😇
Happy to help
Thanks so much for this tutorial, I could set up my https flawlessy for two services (a frontend and an API) using the same ingress and the same clusterissuer. However now when I try to call the API from the frontend I get a 308 redirect error, I am wondering if it has to do with the fact that I use a balancer to expose my pods and this is somehow terminating my TLS connection. Would be very nice if you could give guidance in this, since my scenario is very common. Thank you again!
is it possible to apply ssl certifiicates on exterenalIP itself. we dont want to use static IP or any DNS. We want to use externalIP generated only
thankyou for this ||
Just to add on if you're using EKS or GKE this cert manager installation can be skilled and use ACM aws tool to get certificate which checks TLS at load balancer level.
Great content
Unlike other videos where they simply promote opensource tools you standout you do both but intresting is you do more of handson really great to see your contents
good content bro
do we have to register on acme platform?
No