SSl with Letsencrypt on Kubernetes

Talk at RFCs we Love

Ashwin Murali

April 27, 2019

Tweet

More Decks by Ashwin Murali

See All by Ashwin Murali

AWS Community Day UAE 2024 - Sponsorship Deck

0

340

Learn Enough Containers to be Dangerous

0

410

Do More for Less With ECS Fargate!

0

71

Cloud engineer’s journey and survival in the cloud

1

2.1k

What does it take to be a good DevOps Engineer - Tamil / Vadivelu edition 0.1

0

430

0

130

Deploying a Web App on Azure Container Services

0

1.2k

Why DevOps And a few other uncomfortable.. things..

0

110

Connecting 10000 cars to the AWS Cloud

0

1.3k

Other Decks in Technology

See All in Technology

生成AIを活用した音声文字起こしシステムの2つの構築パターンについて

PRO

3

210

SRE Enabling戦記 - 急成長する組織にSREを浸透させる戦いの歴史

0

130

Bill One 開発エンジニア紹介資料

PRO

5

17k

Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介

3

180

Amazon Bedrock Knowledge Basesチャンキング解説！

0

150

クレジットカード決済基盤を支えるSRE - 厳格な監査とSRE運用の両立 (SRE Kaigi 2026)

6

2.8k

Kiro IDEのドキュメントを全部読んだので地味だけどちょっと嬉しい機能を紹介する

0

200

コミュニティが変えるキャリアの地平線：コロナ禍新卒入社のエンジニアがAWSコミュニティで見つけた成長の羅針盤

0

120

10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test

PRO

2

320

外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night

PRO

12

5.6k

プロポーザルに込める段取り八分

1

470

SREのプラクティスを用いた3領域同時マネジメントへの挑戦〜SRE・情シス・セキュリティを統合したチーム運営術〜

coconala_engineer

2

670

Featured

See All Featured

Sharpening the Axe: The Primacy of Toolmaking

46

2.7k

SEO for Brand Visibility & Recognition

0

4.2k

Why Your Marketing Sucks and What You Can Do About It - Sophie Logan

0

76

Refactoring Trust on Your Teams (GOTO; Chicago 2020)

35

3.4k

Joys of Absence: A Defence of Solitary Play

1

290

Context Engineering - Making Every Token Count

9

660

Organizational Design Perspectives: An Ontology of Organizational Design Elements

PRO

1

200

The Director’s Chair: Orchestrating AI for Truly Effective Learning

1

97

We Have a Design System, Now What?

54

8k

A Modern Web Designer's Workflow

698

190k

Building Adaptive Systems

44

2.9k

ReactJS: Keep Simple. Everything can be a component!

666

130k

Transcript

SSL with Lets Encrypt on K8s Ashwin @ Zoomcar
Agenda • SSLs and LetsEncrypt • K8s and Microservices •
Cert Manager Demo • Q & A
SSLs and Lets Encrypt
• Privacy • Integrity • Identification
SSL / TLS / HTTPS
• SSLv2 - 1995-ish - Netscape • SSLv3 • TLS
1.0 - 1999 - IETF - SSLv3.1 • TLS 1.1 - 2006 • TLS 1.2 - 2008 • SSL 3.0 dep - 2015 • TLS 1.3 - 2018
Keys & Handshake
Asymmetric Handshake
Symmetric key Data exchange
Certificates & Authorities
• Issue Certificates • Confirm Identity of Cert Owner •
Provide Proof of Cert Validity
• Domain Validated • Organization Validated • Extended Validation
K8s and Microservices
• Microservices - Architectural Guidance • Multiple services on colocated
arch • Does not dictate container use • Containers best suited for use case
Kubernetes
• Code will fail • System resilience and availability •
Typical functions: Config, Deploy, Scale, Auth, Quota, Lifecycle, Federate, etc
Demo & Questions
Thank You [email protected] +91 9003010231