Nicholas Lane is a Kubernetes Architect at VMware and formerly of Heptio. He’s been using Kubernetes since 2015 when he was a consultant for Red Hat working with OpenShift. Since then Nicholas has become a Kubernetes Org member, became involved in the Azure cluster-api project, and joined the Kubernetes release team. His previous speaking engagements include Kubernetes meetups across North America,at Red Hat Summit, and hosting the regular web series “The Cloud Native Social Hour”.
K8S Certificate Rotation, or How I learned to start worrying and never stop
This talk will explore the role the client, server, and cluster CA certificates play in a cluster and the ramifications of their expiration. We'll look at a cluster whose certificates have expired and what lead to that scenario. Finally, we'll look at techniques to avoid certificate expiration and how to recover an inoperable cluster.