TGI Kubernetes 077: All your certificates have expired



Tune in this week as Duffie works through how to rotate all the certificates in a Kubernetes Cluster. He will also describe what they are for and some of the characteristics of each one.

source

Avatar of Heptio

By Heptio

5 thoughts on “TGI Kubernetes 077: All your certificates have expired”
  1. Magnificent video.

    TOC – Part 1:

    00:53 – Welcome
    03:37 – Hackmd
    12:30 – Rough Outline
    12:44 – Problem Setup
    14:45 – Setup k8s cluster with short lived certificates
    28:17 – Replace kubeadm with unpatched version
    31:21 – Exposing certificate expiry time
    32:21 – Inspecting certificates
    44:55 – Certificates expire
    49:35 – Importance of kubeadm.conf
    52:00 – Minting new admin.conf
    55:00 – Check validity of certificate in admin.conf
    55:37 – Can kubectl now talk to cluster
    57:00 – Let the fix begin
    58:16 – Bring it all down

  2. Like always Duffie giving us valuable stuff!
    I will probably have to watch again some time in the future, is too much information to grasp at once 😀
    Thanks Duffie

Leave a Reply

Your email address will not be published.

Captcha loading...