Face Your X.509 Fears: Automating Certificate Rotation for Cloud Foundry - Iryna Shustava, Pivotal

October 16, 2018

Face Your X.509 Fears: Automating Certificate Rotation for Cloud Foundry - Iryna Shustava, Pivotal As Cloud Foundry achieves its goal to be secure by default, the number of certificates and certificate authorities an operator needs to worry about increases. This introduces a burden for Cloud Foundry operators to manage those certificates and monitor their lifespan. In the past year there have been significant improvements to credential management with tools like CredHub, which make generating and storing deployment credentials very easy. The next step is to address credential rotation. What to do if your certificates expire in two days? If you have ever rotated Cloud Foundry certificates, you know that it is hard, error-prone and can result in downtime. This talk will explore how to streamline this process with Concourse, BOSH, and CredHub. We will show a real Concourse pipeline that rotates all certificates with zero application downtime. https://cfseu18.sched.com/event/Gorr/face-your-x509-fears-automating-certificate-rotation-for-cloud-foundry-iryna-shustava-pivotal

Reviving the Platform Every Day - Emmanouil Kiagias & Josh Hill, Pivotal

Reviving the Platform Every Day - Emmanouil Kiagias & Josh Hill, Pivotal Natural disaster hit your data ce...

Next Video

Panel: Powering Hyper-Growth in e-Mobility With Cloud Foundry

Panel: Powering Hyper-Growth in e-Mobility With Cloud Foundry - Kerstin Daher, Pivotal, Janardhan Vittal, W...

Face Your X.509 Fears: Automating Certificate Rotation for Cloud Foundry - Iryna Shustava, Pivotal

Previous

Next Video

Most Recent

Updated video of pushing the Spring Music Java application to Cloud Foundry provided by Tanzu Application Service. We push an app, bind it to a database, and scale it up in just a few minutes.

Streams, batches, and microservices. Oh My! Data integration and related workloads are at the foundation of all enterprise workloads. They ingest streams of events. They process large batches. How do

Streams, batches, and microservices. Oh My! Data integration and related workloads are at the foundation of all enterprise workloads. They ingest streams of events. They process large batches. How do

Day 2: Spring Tips: Configuration Hi, Spring fans! Spring is an inversion-of-control container. Inversion of control insulates objects from the knowledge of how a collaborating object on which they d

Hi, Spring fans! Spring is an inversion-of-control container. Inversion of control insulates objects from the knowledge of how a collaborating object on which they depend are created. It also insulate

Learn about the framework that enables enterprises to become wildly successful with Kubernetes based platforms in partnership with VMware Pivotal Labs. Learn more at tanzu.vmware.com/application-moder

With Kubernetes, everything from deployment to monitoring to scaling is more standardized and inherently easier to automate. This presents the possibility to achieve a more effective and comprehensive

With Kubernetes, everything from deployment to monitoring to scaling is more standardized and inherently easier to automate. This presents the possibility to achieve a more effective and comprehensive

Christopher Livermore, Head of Site Reliability Engineering, at Hive tells how Tanzu Observability by Wavefront helps Hive measure and deliver reliability, security, and efficiency for their customers

They call RabbitMQ the swiss army knife of messaging systems, but what impact do all those features have on performance? In this talk we'll review common features and their effect on end-to-end laten

Today, Bloomberg's many engineering teams around the globe have the luxury of access to a fully-managed RabbitMQ platform. This enables them to achieve scalability, flexibility, and maintainability,

It's time to talk about the current state and future for the most widely deployed open source message broker in the world. Selected guests takes part in a panel debate, including questions from the au

In order to detect anomalies and prevent runtime issues that can compromise the delivery of business services that depend on RabbitMQ, effective monitoring, alerting and analytics tools can make a big

CloudAMQP provides RabbitMQ clusters as a service, but what happens behind the scenes? CloudAMQP is powered by a number of RabbitMQ servers that provide various functionality in setting up, configuri

RabbitMQ is a multi-protocol messaging broker, which, on a vanilla installation supports AMQP-0.9-1 (and AMQP-0.8). Through its plugin architecture, RabbitMQ may also be configured to act as a messagi

In this session we explore a variety of modern event processing and streaming solutions built on top of RabbitMQ. We will demonstrate how Spring Cloud Streams and RabbitMQ provide abstractions for dev

Almost every introduction to publish-subscribe technology embraces a model where different message types appear on correspondingly distinct topics. Unfortunately this introduces a rather fundamental f