Back To Schedule
Thursday, December 7 • 2:00pm - 2:35pm
Certifik8s: All You Need to Know About Certificates in Kubernetes [I] - Alexander Brand, Apprenda

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Certificates are an integral part of a secure Kubernetes cluster deployment. They are mainly used to secure the Kubernetes API server using TLS, but certificates (and keys) are also used for other cluster functions such as client authentication, encryption of secrets, TLS bootstrapping, and the generation of service account tokens.

Certificates pose interesting challenges to cluster operators. What does the certificate setup look like in an ideal scenario? How long should certificates be valid for? When nearing expiration dates, how can certificates be rotated to ensure the cluster remains operational? These challenges must be understood when it comes to deploying and operating a Kubernetes cluster.

After this talk, you should have a better understanding of:
- How each cluster component uses certificates for secure communications
- How certificates can be used for authentication, including service account tokens
- How the Kubelet TLS bootstrapping process works
- How to plan, generate and deploy the certificates required for a secure cluster
- How to rotate certificates that are nearing their expiration date

avatar for Alexander Brand

Alexander Brand

Senior Systems Analyst, Apprenda
Alex works on the Kismatic Enterprise Toolkit at Apprenda, making the deployment of production Kubernetes clusters easier. He has been involved with Kubernetes and related projects since early 2016. Before Apprenda, Alex attended Queen's University in Canada, where he majored in Biomedical... Read More →

Thursday December 7, 2017 2:00pm - 2:35pm CST
Meeting Room 12AB, Level 4