Enhance Redis TLS setup documentation and automate HAProxy secret synchronization#132
Enhance Redis TLS setup documentation and automate HAProxy secret synchronization#132
Conversation
…chronization - Updated the Redis TLS setup guide to reflect the automated synchronization of the HAProxy TLS secret with the main wildcard certificate. - Introduced a Kubernetes CronJob to manage the creation and updating of the HAProxy TLS secret, ensuring it remains in sync with the wildcard certificate. - Added detailed instructions and a sample CronJob manifest to facilitate the setup process. - Updated the Chart.lock file to reflect the latest dependencies. Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
Awambeng
requested review from
Hermann-Core,
IngridPuppet and
forkimenjeckayang
IngridPuppet
left a comment
IngridPuppet
left a comment
There was a problem hiding this comment.
Aiming for an optimized process...
IngridPuppet
left a comment
IngridPuppet
left a comment
There was a problem hiding this comment.
The main comment was not sent.
…e Helm template Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
IngridPuppet
left a comment
IngridPuppet
left a comment
There was a problem hiding this comment.
LGTM. Hello @forkimenjeckayang - I hope you get a chance to quickly check this, so you're updated on the new process.
I followed the discussion and agree on the conclusion you people arrived at. It LGTM too |
Hermann-Core
left a comment
Hermann-Core
left a comment
There was a problem hiding this comment.
Hello @Awambeng, I’m a bit confused here. Wouldn’t it be a simpler approach to configure the reverse proxy (for example, HAProxy) to use an automated certificate provisioning tool like certbot to manage the full certificate lifecycle?
This way, certificate issuance and renewal could be centralized at the proxy level for all services (e.g., Redis, Status List Server).
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
|
Ok let’s move on |
4 participants
Fixes #128