Créer un compteSe connecter

Recherches récentes

Aucune recherche récente

Options de recherche

Disponible uniquement lorsque vous êtes connecté.
mastouille.fr est l'un des nombreux serveurs Mastodon indépendants que vous pouvez utiliser pour participer au fédiverse.
Mastouille est une instance Mastodon durable, ouverte, et hébergée en France.

Administré par :

Statistiques du serveur :

583
comptes actifs

mastouille.fr: À proposAnnuaire des profilsPolitique de confidentialité

Mastodon: À proposTélécharger l’applicationRaccourcis clavierVoir le code sourcev4.3.4

#GatewayAPI

0 message0 participant0 message aujourd’hui
Suite du fil
Public
Mauricio Teixeira 🇺🇸🇧🇷

Okay, this is weird. The ACME HTTP01 validation with Cilium Gateway API, when 301 redirect from 80 to 443 is enabled, some times works, some times doesn't. Apparently it's a coin toss of whoever comes first: the application httproute or the acme solver httproute.

Does anyone have a *working* solution for that scenario?

What the scenario is: Cilium 1.18.1, Gateway API enabled, cert-manager 1.18.2 (numbers coincidence) with HTTP01 ACME solver. The certificate order is issued, the acme solver pod is created, but the ACME challenge gets redirected to HTTPS, so it never completes.

PS: No, I can't use DNS01 due to limitations on my DNS server.

#HomeLab#GatewayAPI#Cilium
Public
Mauricio Teixeira 🇺🇸🇧🇷

Sometimes I don't know if GatewayAPI is overkill for my home lab use, or if I'm just doing it wrong. The fact is that cert-manager acme http01 validation with http to https redirect is driving me crazy, and I can't figure out an easy way out.

Right now my gut is telling me to tear everything down and start over, because I feel like I did something wrong right at the initial deployment.

Yes, this post is vague on purpose, as I'm not ready to share my shame, I just need to vent. But if you do have a "this is the happy path" tutorial, I would not oppose to reading it.

#HomeLab#GatewayAPI#Kubernetes
Public
Nicolas Fränkel 🇺🇦🇬🇪

Exposing #OTelCollector in #Kubernetes with #GatewayAPI & #mTLS

opentelemetry.io/blog/2025/exp

OpenTelemetry · Exposing OTel Collector in Kubernetes with Gateway API & mTLSThe goal of this blog post is to demonstrate how you can expose an OpenTelemetry (OTel) Collector running inside Kubernetes to the outside world securely, using the Kubernetes Gateway API and mutual TLS (mTLS) for authentication and encryption. As observability becomes increasingly critical in modern distributed systems, centralizing telemetry data via OTel Collectors deployed in one or many Kubernetes clusters is common practice. Often, services or agents running outside your Kubernetes cluster need to send data to these Collectors. Exposing internal services requires careful consideration of security and standardization. This is where the Kubernetes Gateway API and mTLS shine.
Public *
René Dudfield

I'm going to be at #kubecon. At the maintainers summit beforehand, at the contribfest, and at the #headlamp project pavilion.

Contribfest session: kccnceu2025.sched.com/event/1t

I'm looking forward to connecting with folks working on different projects. People have been quite busy building out Headlamp Kubernetes UIs for ecosystem tooling and standards like #gatewayapi #prometheus #keda #flux #minikube #backstage #inspektorgadget #flagger and #certmanager

kccnceu2025.sched.comKubeCon + CloudNativeCon Europe 2025: 🚨 Contribfest: Make Your Own UI for Kube...View more about this event at KubeCon + CloudNativeCon Europe 2025
#Kubernetes#cncf#cloudnativecon
ExplorerFlux en direct
À propos