Kubecon Europe 2018

cert-manager: native certificate management for Kubernetes

James Munnelly

cert-manager is a new project, built to replace kube-lego and make x509 certificates first class citizens in Kubernetes. Using custom resource definitions to introduce the concept of Issuers into a cluster, end-users can request signed TLS certificates from an ACME server (e.g. Let’s Encrypt), a signing key pair, Hashicorp Vault, or your organisations custom CA through its extensible design.

This talk presents cert-manager and demonstrates its new features over its predecessor, and specifically our approach to migrate thousands of users from kube-lego to the new custom resource backed system, without hindering future cert-manager functionality or effecting production users. At the end, we’ll go over the roadmap and future plans for the project, as well as how you can get involved!

EventKubecon Europe 2018
SpeakerJames Munnelly
VideoWatch Video
SlidesOpen Slides

Get started with Jetstack

Enquire about Subscription

Contact us