All posts tagged in: Container
Out of the box, the Kubernetes authentication is not very user-friendly for end users. In this lab, we will see how to integrate Active Directory with Kubernetes to give the easiest authentication experience to the end users. For this, we will use a project called Dex. Dex is an OpenID Connect provider done by CoreOS. It take care of the translation between Kubernetes tokens and Active Directory users. We will also use Heptio Gangway to generate kubectl configuration files for us, and Bitly OAuth2 Proxy to forward the OpenID token to the Kubernetes dashboard. Requirements You will need an ISO...
In this lab, we will see how to automatically generate signed SSL certificates for your HTTP applications running in your Kubernetes cluster. To do this, we will deploy a tool called cert-manager. This awesome tool was developed by Jetstack and is able to automate the generation of signed SSL certificates via Let's Encrypt. Requirements For this lab, you will need a working Kubernetes cluster. If you don't already have one, you can follow the Install and configure a multi-master Kubernetes cluster with kubeadm article, or the Install and manage automatically a Kubernetes cluster on VMware vSphere with Terraform and Kubespray...
If you already completed the tutorials Deploy Kubernetes 1.9 from scratch on VMware vSphere and Install and configure a multi-master Kubernetes cluster with kubeadm, you should have a pretty good understanding of how a multi-master Kubernetes cluster is structured. You are now probably looking for a way to automate the deployment of your lab so you don't have to follow all these painful steps each time you want to deploy a clean environment. Kubespray is a Kubernetes incubator project. It is composed of Ansible playbook and automates the deployment of a Kubernetes cluster on an existing infrastructure. In this...
If you installed a Kubernetes cluster on-premise on baremetal or on virtual machines, you probably noticed that one of the missing features of your cluster is that you cannot use the type LoadBalancer when you declare a service as you would do with a Kubernetes cluster running on AWS, GCP or Azure. MetalLB is a load balancer designed to run on and to work with Kubernetes and it will allow you to use the type LoadBalancer when you declare a service. You can integrate MetalLB with your existing network equipment easily as it supports BGP, and also layer 2 configuration....
Hatchway is a VMware open source project. The goal of this project is to allow to use the vSphere storage technology with Docker containers and Kubernetes pods. Hatchway is composed of two projects: one is the plugin for Docker and the other one is vSphere Cloud Provider, which is the provider for Kubernetes. If you are using VMware vSAN, one of the main benefits of vSphere Cloud Provider is that you can leverage the vSAN storage policies. Prerequisites You must have a Kubernetes cluster running on VMware vSphere virtual machines and the VMware tools must be installed on each virtual...
Simon Guyennet
on Cloud, Kubernetes, Container, Active Directory, Authentication