{"blog_url":"https://dombri-dev.hateblo.jp/","width":"100%","provider_url":"https://hatena.blog","author_name":"dombri","author_url":"https://blog.hatena.ne.jp/dombri/","url":"https://dombri-dev.hateblo.jp/entry/2020/02/09/110445","blog_title":"note to self:","provider_name":"Hatena Blog","title":"Kubernetes the Hard Way on Azure : 4.CA, TLS","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/d/dombri/20200209/20200209105537.jpg","categories":["Kubernetes","HardWay"],"type":"rich","height":"190","description":"\u3053\u3093\u306b\u3061\u306f\u3002 \u5f15\u304d\u7d9a\u304d\u3001Kubernetes the Hard Way on Azure \u3092\u9032\u3081\u3066\u3044\u304d\u307e\u3059\u3002 4. Provisioning a CA and Generating TLS Certificates \u3053\u306e\u30e9\u30dc\u3067\u306fCloudFlare \u306ePKI\u30c4\u30fc\u30eb\u30ad\u30c3\u30c8\u3067\u3042\u308bcfssl \u3092\u4f7f\u7528\u3057\u3066\u3001PKI\u30a4\u30f3\u30d5\u30e9\u30b9\u30c8\u30e9\u30af\u30c1\u30e3\u3092\u30d7\u30ed\u30d3\u30b8\u30e7\u30cb\u30f3\u30b0\u3057\u307e\u3059\u3002\u305d\u308c\u3092\u4f7f\u7528\u3057\u3066\u8a8d\u8a3c\u5c40\u3092\u30d6\u30fc\u30c8\u30b9\u30c8\u30e9\u30c3\u30d7\u3057\u3001etcd kube-apiserver kubelet kube-proxy \u306e\u30b3\u30f3\u30dd\u30fc\u30cd\u30f3\u30c8\u306eTLS\u8a3c\u660e\u66f8\u3092\u751f\u6210\u3057\u307e\u3059\u3002 \u4e3b\u306b\u3053\u306e\u8fba\u308a\u3002\u4eca\u307e\u3067\u306a\u304b\u3063\u305f\u6982\u5ff5\u306a\u306e\u3067\u6025\u907d\u66f8\u304d\u8db3\u3057\u307e\u3057\u305f\u3002 Certificate\u2026","version":"1.0","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fdombri-dev.hateblo.jp%2Fentry%2F2020%2F02%2F09%2F110445\" title=\"Kubernetes the Hard Way on Azure : 4.CA, TLS - note to self:\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","published":"2020-02-09 11:04:45"}