Erlang cluster on Kubernetes: Introduction
A few weeks ago, I decided to write a blog post about using mutual TLS to secure Erlang distribution (clustering), with auto-provisioning of certificates when running in Kubernetes. It took a little longer to write up than I expected, and turned into a series of blog posts.
- Introduction (this post; 2 years ago)
- Initial Deployment (2 years ago)
- HTTP Service (2 years ago)
- Speeding up the container build (2 years ago)
- Erlang Cookie (2 years ago)
- Erlang Clustering (2 years ago)
- TLS distribution (2 years ago)
- Simple init container (2 years ago)
- Creating CSRs with OpenSSL (2 years ago)
- Submitting CSRs to cert-manager (2 years ago)
- Using the generated certificates (2 years ago)
- SSH daemon (2 years ago)
- SSH public key authentication (2 years ago)
- Is it mutual? (2 years ago)
- Readiness Probe (2 years ago)
- Non-root user (2 years ago)
- pid zero (2 years ago)
- Namespace-scoped issuer (2 years ago)
- Polling CertificateRequest (2 years ago)
- CertificateRequest cleanup (2 years ago)
- Conclusion (2 years ago)
You can follow along by cloning the rlipscombe/erlang-cluster project from Github. The posts in this series and the merge commits in that project are broadly lined up.
I also spent about 8 hours rewriting the commit history of the project so that it forms a coherent story. Please feel free to read it as one.
Related posts
- Erlang clustering recap
- Erlang TLS Distribution
- Options for automatically creating certificates for mutual pod authentication
- Installing cert-manager
- Erlang application versioning