No video
Super easy new way to add HTTPS to Kubernetes apps with ManagedCertificates on GKE
Рет қаралды 22,084
Күн бұрынGoogle has just made it even easier to secure your applications deployed on Kubernetes with HTTPS through browser trusteded certificates. At least if you are using GKE - Google’s managed Kubernetes cluster. While I previously showed a cool way of how to do something similar with cert-manager, Google has just made the process even simpler. In this video you’ll learn how to automatically provision an HTTPS certificate that will be used by your existing ingress resource without the need to manually manage secrets or configure TLS on the ingress resource.
@shahedulislam94 Жыл бұрын
Mate you need to continue making videos, your explanations are the best there's nothing else like them out there.
@ukazap 4 жыл бұрын
Very soothing voice & helpful instruction that works!
@rafaeldefreitas5689 4 жыл бұрын
Awesome explanations! Thanks for all the help :)
@bagorolin 4 жыл бұрын
Very helpful and interesting playlist! Nicely done! I would appreciate a video how you configured your zsh, and how you perform some of the keyboard shortcuts you use in your videos :)
@kubucation 4 жыл бұрын
Thanks! Such a video will follow soon-ish :)
@lolocai1 2 жыл бұрын
Hi, Great video. I have a question: at what point is verified that you are the owner of the domain? Thank you in advance
@markrity 5 жыл бұрын
Hi Etienne, I really like this series of yours , about certs on k8s, can you explain what settings you setup at Network Services->Load Balancing and Network Services->Cloud DNS, to make this type of certification work?
@kubucation 5 жыл бұрын
Hi and thanks. Zero custom config, default config in the project, default config for the cluster :) The only thing I did is create the resources seen in the video.
@kajsaerikssonrosenqvist467 4 жыл бұрын
Hi. Great series! Have you thought about adding a video on mTLS for this system, i.e. nginx checking the identity of the client as well?
@eulersson 4 жыл бұрын
Hello! Very nice explanation thanks. I was wondering what ZSH functionality gives you the history browsing you get at 6:27 it's very cool. Thanks.
@felipebm13 2 жыл бұрын
Hi, great video! I created a static external IP in order to follow the steps from Google's tutorial, but I can't link my existing Kubernetes service with this particular IP address. Do you know how can I do it?
@joaoantunes8101 3 жыл бұрын
Cool :) any alternative like this for EKS / ACM ? (Amazon). A video regarding mTLS would be nice also, what would you use as a private CA? Did you ever tried "autocert"? It seems that uses certmanager.
@TheTiagoslater 2 жыл бұрын
gr8 content, question : can i have multiple ingress using the same certificate ? tks
@ch4.hayabusa 3 жыл бұрын
Managed Certificates show up as signed by Google Trust now. It's a shame we can't do wildcard ones. It's easy to run out of sub-domains with micro services and tenancy. I've also had them take 30 minutes to activate... They only guarantee under 60 minutes.
@kuntari4792 2 жыл бұрын
very Cool :) Nice Video, If GKE Cluster in autopilot mode is it possible to set up Nginx ingress ?
@divertechnology 4 жыл бұрын
hi, so google gives you certicates for free? i d be really a goal if you show how you setup the deployment environment the ci/cd
@naim2083 2 жыл бұрын
Thanks you a lot
@patricklukeastrero4015 2 жыл бұрын
hi. i encountered a problem. the static ip address in GCP is not being assigned. anyone help?
@ngnaven 4 жыл бұрын
In this example http wont redirect to https. Why?
@avifatal1367 4 жыл бұрын
Hi, Can you please share this yaml? thanks
@thomas-sinkala 4 жыл бұрын
When I tried kubectl get ManagedCertificate, it returns no resource found. Any idea why this is so?
@kubucation 4 жыл бұрын
Hi, are you running on GKE? Is this the response you're seeing initially or after replicating parts of the video? If so, at what point do you see the message?
@iga3725 Жыл бұрын
👏👏👏👏👏👏👏
@dustin_echoes 3 жыл бұрын
My ingress' address is empty. Idk why
@Ismaelsk8 3 жыл бұрын
🚀🚀🚀🚀👏👏👏
@KumarSaurabhSinha 4 жыл бұрын
I keep getting FAILED_NOT_VISIBLE for the certificate, not sure why
@kubucation 4 жыл бұрын
FAILED_NOT_VISIBLE would indicate that the ownership challenge is failing, because the CA can't find the automatically uploaded challenge document. Are you sure DNS is set up correctly? Can you reach the domain you're trying to get a certificate for manually?
@KumarSaurabhSinha 4 жыл бұрын
@@kubucation thank you for the reply. It was indeed the DNS issue. the certificate works perfectly fine, but i have another issue now. I use cloudfront to point to ingress domain and cloudfront has a different domain which then is also https a.b.com (cloudfront) pointing to a-zone1.internal.com (https ingress). Is there a way to force https on ingress level. I tried a few annotation like 'force-ssl-redirect' but does not seems to work. Please if you can help
@Hussamabulubbad 4 жыл бұрын
Hi bro, Can i call you and have a remote session, i have a some issue and you might help me out with it....
@kubucation 4 жыл бұрын
I don't have capacity for individual remote sessions at the moment. Sorry to disappoint you. Even so, I'd have to charge the same I charge for regular clients, otherwise it wouldn't be fair to them. Feel free to post your question here, then both I and the community can take a look and potentially help you - and it won't cost you anything.
kubucation
Рет қаралды 29 М.
Cloud Advocate
Рет қаралды 58 М.
What is Ingress in GKE or My understanding of Network LB(L4) Vs HTTP(s) Global LB (Ingress) in (GKE)
Learn GCP with Mahesh
Рет қаралды 9 М.
Tech Tutorials with Piyush
Рет қаралды 4,1 М.