Erlang cluster on Kubernetes: Introduction

A few weeks ago, I decided to write a blog post about using mutual TLS to secure Erlang distribution (clustering), with auto-provisioning of certificates when running in Kubernetes. It took a little longer to write up than I expected, and turned into a series of blog posts.

• Introduction (this post; 2 years ago)
• Initial Deployment (2 years ago)
• HTTP Service (2 years ago)
• Speeding up the container build (2 years ago)
• Erlang Cookie (2 years ago)
• Erlang Clustering (2 years ago)
• TLS distribution (2 years ago)
• Simple init container (2 years ago)
• Creating CSRs with OpenSSL (2 years ago)
• Submitting CSRs to cert-manager (2 years ago)
• Using the generated certificates (2 years ago)
• SSH daemon (2 years ago)
• SSH public key authentication (2 years ago)
• Is it mutual? (2 years ago)
• Readiness Probe (2 years ago)
• Non-root user (2 years ago)
• pid zero (2 years ago)
• Namespace-scoped issuer (2 years ago)
• Polling CertificateRequest (2 years ago)
• CertificateRequest cleanup (2 years ago)
• Conclusion (2 years ago)

You can follow along by cloning the rlipscombe/erlang-cluster project from Github. The posts in this series and the merge commits in that project are broadly lined up.

I also spent about 8 hours rewriting the commit history of the project so that it forms a coherent story. Please feel free to read it as one.

Related posts

• Erlang clustering recap
• Erlang TLS Distribution
• Options for automatically creating certificates for mutual pod authentication
• Installing cert-manager
• Erlang application versioning

Follow-up posts

• Erlang cluster on Kubernetes: Fatal - Certificate Expired
• Erlang cluster on Kubernetes: Rotating CA certificates