Apr 2, 2024

Kubernetes' Cert-Manager-Atlas Integration

Introduction

Cert-Manager is an open source project—originally created by Jetstack—that manages X.509 certificates specifically for cloud-native Kubernetes or OpenShift environments. And as noted in a CNCF blog published earlier in the year, this functionality has become important for those operating cloud-native environments to secure Orchestration resources.

The popularity of Cert-Manager comes from the fact that it solves a genuine problem for developers who want to use a solution that automates a development task that frees them to focus on building better and faster. As such, development team productivity increases, security is better managed, and web applications perform better.

• A popular tool used for managing and automating identities for cloud native environments.
• Over 5 million downloads a day.
• Cert-Manager was highlighted as being the go-to platform for secrets management among Kubernetes users.

Prerequisites

1. GlobalSign Atlas API credentials, mTLS Certificate
2. Cert-Manager-Atlas CRD
3. Cert-Manager

How to get GlobalSign Atlas API credentials, mTLS Certificate

1. Use your credentials to access the ATLAS portal: GMO GlobalSign Atlas.
   Or, contact sales if you don’t have an ATLAS account or the product.
2. Generate the API Credentials in the ATLAS Portal by following the guidelines found here:
   https://support.globalsign.com/atlas/general-category-faqs/api-related-faqs
3. Generate the mTLS Certificate by following the guidelines found here:
   https://support.globalsign.com/atlas/general-category-faqs/mtls-faqs

Cert-Manager Use Cases

1. Secure K8’s Ingress using Cert-Manager-Atlas Issuer
   https://www.globalsign.com/en/repository/securing_kubernetes.pdf
2. Secure Ingress in the AWS EKS Cluster using Cert-Manager-Atlas Issuer
   https://www.globalsign.com/en/repository/securing_aws_eks_kubernetes.pdf