Skip to main content
  1. Tags/

certificates

2019


Deploy a secure instance of Elasticsearch on Kubernetes

·5 mins
It’s easy to deploy Elasticsearch on Kubernetes. You get yourself a copy of the Elastic Helm Charts and you run helm install. Job well done… or not? The default Elasticsearch configuration doesn’t enable any encryption or security mechanism, that doesn’t sound really safe! In this blog post, I’ll explain how you secure your Elasticsearch instance by enabling encryption (SSL transport and HTTP over SSL) and native authentication.

2018


Use Kubernetes Certificate Manager to automatically add SSL/TLS certificates to ingresses

·3 mins
Kubernetes Certificate Manager (cert-manager) is a native Kubernetes controller helping you to issue certificates from a variety of sources, such as Let’s Encrypt, HashiCorp Valut, a signing keypair and self-signed. The Certificate Manager ensures certificates are valid and up-to-date, and attempt to renew certificates at a configured time before expiry.

Install CFSSL and CFSSLJSON - CloudFlare's KPI toolkit

·2 mins
I try to automate almost everything. I use Docker to containerize in-house developed software and run these containers on CentOS 7 machines. When you’re using a modern CentOS 7 version, the XFS filesystems are configured correctly with d_type support activated. But when you want to run Docker containers on an older version of CentOS 7, d_type support could be disabled causing a lot of trouble when you’re chowning and chmoding files in a container: files are not found or skipped, etc.