![[Hands-on] Kubernetes Pod Certificate Request introduced in v1.35](/_next/image?url=https%3A%2F%2Fmedia2.dev.to%2Fdynamic%2Fimage%2Fwidth%3D800%252Cheight%3D%252Cfit%3Dscale-down%252Cgravity%3Dauto%252Cformat%3Dauto%2Fhttps%253A%252F%252Fdev-to-uploads.s3.amazonaws.com%252Fuploads%252Farticles%252Foo8bhe8rmqlg55oyvglf.png&w=1200&q=75)
[Hands-on] Kubernetes Pod Certificate Request introduced in v1.35
Goal [!NOTE] In hurry? Jump to the result! The goal of this document is to generate auto signed certificate for any pod with the following projected volumes: volumes : - name : creds projected : sources : - podCertificate : signerName : row-major.net/spiffe keyType : ED25519 credentialBundlePath : service.crt keyPath : service.key - clusterTrustBundle : name : row-major.net:spiffe:primary-bundle path : ca.crt Table of Contents cover_image: ./thumbnail.png Goal Table of Contents Walkthrough Setup: Working Directory Setup: Kind Cluster with Cert Provisioning Enabled Setup: Mash Controller Deployed Verify: Auto Distributed Certificate Feature on Sample Deployment What's next? Closing Walkthrough Here is the step-by-step record of how I achieved the goal. Setup: Working Directory Let's quickly create a test directory build: test_name = pod_certificate_request tmp_dir = $( date +%y%m%d_%H%M%S_ $test_name ) mkdir -p ~/test_dive/ $tmp_dir cd ~/test_dive/ $tmp_dir Setup: Kind Cluster with Cert
Continue reading on Dev.to
Opens in a new tab
