Monthly Archives: June 2017

Install the Commodo SSL cert

Combine everything for nginx: Combine the above crt files into a bundle (the order matters, here): cat www_example_com.crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > ssl-bundle.crt Store the bundle wherever nginx expects to find it: mkdir -p /etc/nginx/ssl/example_com/ mv ssl-bundle.crt /etc/nginx/ssl/example_com/ Ensure your private key is somewhere nginx can read it, as well.: mv example_com.key /etc/nginx/ssl/example_com/ Make sure… Read More »

Configure and Manage a Kubernetes HAProxy Ingress Controller

Introduction Almost everyone who is deploying an application would like the app to be accessible to other people on the public internet. If you are an independent developer working with a cloud provider, then you’ll ask, what’s my public IP address, and what ports are exposed? If you are a developer in a corporation with… Read More »

Enable TLS for Kube-Registry

This document describes how to enable TLS for kube-registry. Before you start, please check if you have all the prerequisite: A domain for kube-registry. Assuming it is Domain certificate and key. Assuming they are domain.crt and domain.key Pack domain.crt and domain.key into a Secret $ kubectl –namespace=kube-system create secret generic registry-tls-secret –from-file=domain.crt=domain.crt –from-file=domain.key=domain.key Run… Read More »

Private Docker Registry in Kubernetes

Private Docker Registry in Kubernetes Kubernetes offers an optional private Docker registry addon, which you can turn on when you bring up a cluster or install later. This gives you a place to store truly private Docker images for your cluster. How it works The private registry runs as a Pod in your cluster. It… Read More »