Greatly and neatly explained with so much clarity

Thank you very much Geert :) your video is really helpful

Hi @Geert, great video. Have you tried akv secret store csi to sync cert? Is there an advantage of using akv2aks components?

@GeertBaeke

3 жыл бұрын

I have worked with the secrets store CSI driver and the provider for Azure Key Vault. The advantage is of course its support for multiple providers and not just Key Vault. In general though, if it's AKS and Key Vault, I tend to go for this akv2k8s controller due to its simplicity. The CSI driver is a bit more complex. akv2aks also has an injector if you want to inject secrets into pods directly... Thanks for watching!

Hi @Geert, does akv2k8s controller only syncs self-signed cert from KV? I tried with a certificate issued by an integrated CA in KV and it does not work, it did generated a tls secret but when I run kubectl view cert, it return empty. When try use this tls secret in ingress and deploy, the cert shows invalid:NET::ERR_CERT_AUTHORITY_INVALID and has the wrong issuer, it shows Issued by: Kubernetes Ingress Controller Fake Certificate.