custom tls certs

#

I run my own CA on my lab network. It’s a learning experience, and might be useful. That’s probably debatable.

I’ve been trying to learn ECK. For work, I swear (a lot really). Anyway, I got things working in a minimal fashion, so I made it harder by trying to use certs from my personal CA.

Everytime I tried the pod never showed up. Turns out I was using an encrypted tls key. I should have thought about that, I knew I hadn’t put the passphrase anywhere. I probably assumed it was unencrypted, but I never thought to check. Anyway, Updating that part of my documentation.

Also, maybe unrelated (except it was a problem while learning the above), If the persistentVolumeReclaimPolicy is set to Retain, the data on the disk doesn’t get deleted automagically. It’ll have to be done manually.

Yet another fun thing to learn on the fly!