Kubernetes Traffic Ingress with HashiCorp Vault PKIaaS and JetStack Cert-Manager

Blog post from HashiCorp

Post Details
Company
Date Published
Author: Nicolas Ehrman
Word Count: 2,008
Company Posts That Month: 19
Language: English
Hacker News Points: -
Summary

Managing TLS certificates is a major issue for companies, especially in cloud environments. Requesting certificates manually can lead to unsustainably long validity periods. To automate this process, HashiCorp Vault and JetStack Cert-Manager are used to create TLS certificates and manage their lifecycle in a Kubernetes environment. The workflow involves deploying a Vault server as the root PKI and intermediate CA and integrating it with JetStack Cert-Manager, which checks for certificate changes and requests new certificates from Vault when necessary. Terraform is used to automate the deployment and configuration of the components, including Helm, the Kubernetes provider, and the Vault provider. The demo uses a Java application and a Kubernetes cluster, and the process is repeated to deploy the application with a TLS ingress route configured and validated by the PKIaaS.

Trends Found in this Post
Trend               Post Mentions   Total Month Mentions   Posts   Companies   MoM
Secrets Management  56              355                    41      21          +92%
Kubernetes          21              882                    115     37          +3%
Zero Trust          1               13                     5       5           -13%