Integrating cert-manager with Google Cloud Certificate Authority Service

cert-manager builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide ‘certificates as a service’ to developers working within your Kubernetes cluster. cert-manager is very popular with tens of thousands of users. cert-manager can be used for many different use cases within your clusters, including mutual TLS (mTLS) between workloads, and for securing traffic from end users with ingress.

Anthos Attached Clusters

Next in our series of posts taking a look at Google Cloud Anthos functionality, we’re going to take a look at attaching Kubernetes clusters running in AKS and EKS to Anthos in Google Cloud. This builds on the multi-cloud capabilties of Anthos we saw previously with GKE on AWS moving to GA. Anthos is orientated around being the management plane for all of your enterprise workload clusters, providing a centralised, consolidated hub to orchestrate infrastructure and applications.

GKE on AWS

This is the first in a series of posts taking a look at Google Cloud Anthos, and how it seeks to facilitate digital transformation and become the management plane for enterprise workloads across hybrid and multi-cloud environments, starting with GKE on AWS becoming generally available. The value proposition of Anthos is to enable environmental agnosticism, with containers and Kubernetes being the common denominator for our workloads. This allows for a level of portability through Anthos to manage workload deployments and lifecycles across multi-cloud (GCP, AWS and Azure), as well as on-prem data centres (VMWare & bare metal).

Container-Native Multi-Cluster Global Load Balancing With Cloud Armor on Google Cloud Platform

During a recent project, a Jetstack customer wanted to load balance global traffic to multiple Google Kubernetes Engine (GKE) clusters, while also benefiting from Google’s Cloud Armor to protect against denial of service (DoS) attacks. Additionally, they wanted to make use of container-native load balancing for improved traffic visibility and network performance.