Excellent explanation with all your expertise, Dear GVR. I'm sure this content of yours will stay at the top among all for many more years. Thank you for making it easy to understand.
Amazing tutorial on K8Certs. Really superb. First 40 minutes are really outstanding but from there I felt little complicate. May be too much depth of k8. Thank you very much for your great efforts. 🤗
Very resourceful. Thank you for putting in the time and effort. Note: I quite new to administering/managing certificates and there's not alot of resources to dumb it down to newbies. Your video did alot for me. Quick question: I have a wild card SSL certificate that was issued by an approved CA. My use case is to have this in my kube cluster and managed by cert-manager. thus certmanager will issue subdomain certs as required. How do I; if possible, create a CA certificate using my existing wild card SSL cert to achieve this? Thanking you
Thanks for your feedback. For your question, you have to provision kubernetes cluster manually (just google it..kubernetes hard way github), there you can create your own CA for entire cluster. To create CA from wildcard certificate... you have check 2 things... 1) contact your actual CA, get Intermediate CA, 2) use that Intermediate CA and provision k8s cluster Its complicated use case...just try to see how the setup done for EKS or AKE ot GKE clusters how they setup their CA's
Thank you & Appreciate your Suggestions. CA rotation detailed steps in documentation. Will try video kubernetes.io/docs/tasks/tls/manual-rotation-of-ca-certificates/
Thanks for this video, Venkat! It is very informative and well detailed. Question: I have to secure inter pod communication (not with api server) in my cluster. Could I use CSR for this need?
CSR is kubernetes resource type, allows any client to issue x.509 certificate with some Signer, then you will be using that signed certficate to/from communication with Kubernetes API server. What is your use case? if your one of the service being used as webhook for admission controller then you need CSR. Refer the video from here: ruclips.net/video/OHmgb7h-2-g/видео.html
@@learnwithgvr Thanks for a quick response. Use case: I have to host a http server to which clients can upload and download files. All clients are hosted within the cluster and communication is 100% internal to cluster. I plan to use self signed certificate to enable tls in this setup. To save effort in adding cert to CA of all the clients, I am exploring CSR option.
![[#2024MAMA] BIGBANG (빅뱅) - 뱅뱅뱅 (BANG BANG BANG) + FANTASTIC BABY | Mnet 241123 방송](http://i.ytimg.com/vi/EQsYfiPR9uM/mqdefault.jpg)
Excellent explanation with all your expertise, Dear GVR. I'm sure this content of yours will stay at the top among all for many more years. Thank you for making it easy to understand.
My pleasure, keep learning
Best tutorial to understand kubernetes certificates.
Thank you Pravin... Please watch my other videos yoo
Amazing tutorial on K8Certs. Really superb. First 40 minutes are really outstanding but from there I felt little complicate. May be too much depth of k8. Thank you very much for your great efforts. 🤗
Thanks Bro ..keep learning
Great tutorial done with zeal and genuine desire to share.
Thank you for this Venkat!
Thank you
Thank you so much for this great tutorial; I had a problem with my headphones
Thanks for the feedback, keep learning
Good one with good insight on K8 certificates & secure communication
Thank you and keep learning
Awsome content. One of the best video I have ever seen in RUclips on this topic
Thank you pls subscribe and keep learning
Really excellent explonation....so far i have not seen this kind of explonation in RUclips....keep going and do more videos.....
Thanks a ton, i will
Thank you Venkat for this hard work & sharing this valuable knowledge.
My pleasure Pravin
Super video GVR sir ,you are the best Teacher
My pleasure
Excellent video , keep making such good videos. Thanks Venkata
Thank you Durgarao
this is great work. you are a life saver. keep it coming!
Thank you 👍
Excellent explanation. Thanks a ton !
Thank you for the feedback,👍
Amazing work, Venkat! 👌🏻👌🏻👌🏻
Thanks a ton
Very good information. Much needed.
Thank you
Its 💎. Thanks alot
Thanks Bro
Gem 💎 of an explanation
Thank you Prashant
Keep making videos someday you will beat UDEMY we like depth content. thanks GVR.
My pleasure
Bro superb teaching looking for RBAC service
Thank you and please look at my RBAC video
ruclips.net/video/CTtfxsqCIdw/видео.html
awesome content man..well explained, thanks
Glad to hear the feedback. Thank you Suraj, keep learning
Very resourceful. Thank you for putting in the time and effort.
Note: I quite new to administering/managing certificates and there's not alot of resources to dumb it down to newbies. Your video did alot for me.
Quick question: I have a wild card SSL certificate that was issued by an approved CA.
My use case is to have this in my kube cluster and managed by cert-manager. thus certmanager will issue subdomain certs as required.
How do I; if possible, create a CA certificate using my existing wild card SSL cert to achieve this?
Thanking you
Thanks for your feedback.
For your question, you have to provision kubernetes cluster manually (just google it..kubernetes hard way github), there you can create your own CA for entire cluster. To create CA from wildcard certificate... you have check 2 things...
1) contact your actual CA, get Intermediate CA,
2) use that Intermediate CA and provision k8s cluster
Its complicated use case...just try to see how the setup done for EKS or AKE ot GKE clusters how they setup their CA's
would like to see CA rotation video incase cluster kube admin config was compromised how it could be rotated
Thank you & Appreciate your Suggestions.
CA rotation detailed steps in documentation. Will try video
kubernetes.io/docs/tasks/tls/manual-rotation-of-ca-certificates/
Thanks for this video, Venkat! It is very informative and well detailed.
Question: I have to secure inter pod communication (not with api server) in my cluster. Could I use CSR for this need?
CSR is kubernetes resource type, allows any client to issue x.509 certificate with some Signer, then you will be using that signed certficate to/from communication with Kubernetes API server.
What is your use case? if your one of the service being used as webhook for admission controller then you need CSR.
Refer the video from here: ruclips.net/video/OHmgb7h-2-g/видео.html
@@learnwithgvr Thanks for a quick response.
Use case: I have to host a http server to which clients can upload and download files. All clients are hosted within the cluster and communication is 100% internal to cluster. I plan to use self signed certificate to enable tls in this setup. To save effort in adding cert to CA of all the clients, I am exploring CSR option.