[ Kube 105.1 ] Kubernetes HA | Renew cluster certificates with Kubeadm

I just wanted speak for all the engineers out in the world. I greatly appreciate the content you provide, you have helped me for years! I hope you are in good health and you are a hero in my eyes!

dillonhansen

Hello, mate. Just want to say thank you and glad to see in comments that you okey

erics

Thank you for your tutorial, can you create a video "How to deploy private docker registry as a deployment on top of Kubernetes cluster?"

duyanh

Hi bro, how have you been? It’s been a long time. Please update and upload more videos. Thank you so much 🙏

dalh

it would have been nice to have seen all the certs regenerated & if any work was required on the worker node to have them still connect successfully to the control plane

davidbollman

Thanks for the video...this is the one I was searching a lot...it helped me to understand the renewal process have setup our cluster using internal CA cert and there is a requirement to replace it with external CA cert....do we have process to perform the ask

sureshjothiprakash

I would like to know the ssh terminal tool that you use in the video？

vitusyu

Thx for the video, but I have a question. Are we supposed to copy the new certs generated on the load balancer to the rest of the master nodes and worker nodes? or we only need to regen the certs on each of the node?

henryhuang

Hi, Thanks for all your video. I'm a beginner, in what order should I start learning from your channel ?

kingogovor

Thanks Venkat for your awesome videos. I am creating a custom dashboard the monitor the AKS cluster. But i dont want to copy the kubeconfig file to the dashboard. Is there any way to generate the config on the fly? Something like short living token.... And where were no videos for past three months. Hope all is well.

kannanswaminathan

Thanks Venkat, I have a question It will work if the cluster was deployed with kubespray?

raoufmnif

Venkat, Thanks for the very useful videos by you. can you make an video with hybrid cluster (windows+Linux) with ContainerD and Calico. Im looking to install Gitlab runner on it.

sujaykumar

Hi Venkat, could you please make a video on renew certificates if we have ETCD hosted on different machine with HA using Kubeadm utility. Thanks in advance

akshayjanrao

thanks for the video. If the cluster already has expired certificates, will this method work? it did not work for me and i had to reset/reinit all nodes

vitass

hi pls do a video on Installling multiple ingress controllers on kubernetes cluster with 1.22+ versions.

DevOps_with_shan

HI Venkat how are doing bro, why videos release so seldom(( all ok with you?

faridakbarov

Thanks, I think the point was the k8s certificates are not the same over a the master nodes. One question, when you upgrade the cluster, the certificates are renewed ?

javisartdesign

Sir I have one doubt..
If I have 10 microservices for all the microservices I have to write dockerfile and yaml manifest right? Also I need to keep it in a single github repo so that jenkins can clone it? Or there will be a seperate repo for each microservices? Then how jenkins will build 10 different microservices?

I would be greatful to you if clear this to me

zaibakhanum

Hi Venkat, I have a ha k8s 1.21 cluster setup using kubespray + keepalived & nginx for api load balancing. When i connect to api server using lb I get intermittent error: "Unable to connect to the server: x509: certificate signed by unknown authority". This is happening because all 3 kube apiserver have different apiserver.crt. Did you face a similar issue given you also have different certs on each api server.

gulshankhatri

Hai this is Janardhan, do you have an idea about multiple canary deployments with EASE MESH ??

janardhanm