[Hands-on] Kubernetes Pod Certificate Request introduced in v1.35
Goal [!NOTE] In hurry? Jump to the result! The goal of this document is to generate auto signed certificate for any pod with the following projected volumes: volumes: - name: creds projected: sourc...
![[Hands-on] Kubernetes Pod Certificate Request introduced in v1.35](https://media2.dev.to/dynamic/image/width=1200,height=627,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F66tfmwgxq6zoaom3f0qq.png)
Source: DEV Community
Goal [!NOTE] In hurry? Jump to the result! The goal of this document is to generate auto signed certificate for any pod with the following projected volumes: volumes: - name: creds projected: sources: - podCertificate: signerName: row-major.net/spiffe keyType: ED25519 credentialBundlePath: service.crt keyPath: service.key - clusterTrustBundle: name: row-major.net:spiffe:primary-bundle path: ca.crt Table of Contents cover_image: ./thumbnail.png Goal Table of Contents Walkthrough Setup: Working Directory Setup: Kind Cluster with Cert Provisioning Enabled Setup: Mash Controller Deployed Verify: Auto Distributed Certificate Feature on Sample Deployment What's next? Closing Walkthrough Here is the step-by-step record of how I achieved the goal. Setup: Working Directory Let's quickly create a test directory build: test_name=pod_certificate_request tmp_dir=$(date +%y%m%d_%H%M%S_$test_name) mkdir -p ~/test_dive/$tmp_dir cd ~/test_dive/$tmp_dir Setup: Kind Cluster with Cert Provisioning Enabled
![[Hands-on] Testing Separate Ports in Athenz ZTS](https://media2.dev.to/dynamic/image/width=1200,height=627,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fraw.githubusercontent.com%2Fmlajkim%2Fdive-deep%2Fmain%2Fweekly_dives%2Fathenz%2F260329_hands_on_separate_port_in_athenz_zts%2Fthumbnail.png)
