WEBVTT

00:00.000 --> 00:01.380
-: In the last section,

00:01.380 --> 00:04.170
we put together our certificate.YAML file.

00:04.170 --> 00:05.040
Now at the end of this section

00:05.040 --> 00:06.240
I said there was one last piece

00:06.240 --> 00:07.530
of configuration we have to do.

00:07.530 --> 00:08.940
It was a little bit off base there.

00:08.940 --> 00:11.790
We do have to do one last piece of configuration

00:11.790 --> 00:14.070
to our ingress, define inside

00:14.070 --> 00:16.230
of our ingress service.YAML file.

00:16.230 --> 00:18.750
But we actually only do that last piece of configuration

00:18.750 --> 00:21.540
after we have successfully retrieved our certificate.

00:21.540 --> 00:24.480
So the general flow here is that we get our issuer,

00:24.480 --> 00:26.883
we get our certificate, we deploy that.

00:28.140 --> 00:29.790
Cert manager is going to go through this

00:29.790 --> 00:32.400
back and forth process and get our certificate.

00:32.400 --> 00:35.160
And then only once we have it and we have it enhanced

00:35.160 --> 00:37.230
stored inside of a secret inside of our cluster

00:37.230 --> 00:39.330
are we going to go back to our ingress service

00:39.330 --> 00:43.590
and tell it to update itself to use this new certificate.

00:43.590 --> 00:44.790
So in other words, we're now at the point

00:44.790 --> 00:47.010
where we need to redeploy our application

00:47.010 --> 00:49.230
so that the issuer and the certificate files

00:49.230 --> 00:52.290
are created as objects inside of our cluster.

00:52.290 --> 00:55.230
Once we do that deployment, the cert manager

00:55.230 --> 00:57.240
that we already installed using helm is going

00:57.240 --> 00:59.070
to see the issuer and certificate

00:59.070 --> 01:00.870
and automatically go to this process

01:00.870 --> 01:03.060
of reaching out to let's encrypt.

01:03.060 --> 01:04.770
So to deploy our application,

01:04.770 --> 01:07.410
I'm going to flip back over to my terminal.

01:07.410 --> 01:10.740
Now I've been making all these changes on the devel branch.

01:10.740 --> 01:12.090
To be honest, I don't really wanna have to go

01:12.090 --> 01:14.250
through the process of creating a pole request

01:14.250 --> 01:15.960
and all that stuff again and have to wait

01:15.960 --> 01:19.230
for multiple runs of our travis CI server.

01:19.230 --> 01:20.730
So instead, I'm just going to change

01:20.730 --> 01:22.650
back over to my master branch

01:22.650 --> 01:25.350
and commit all of the work over on that branch

01:25.350 --> 01:28.470
and then push it directly to Master on GetHub.

01:28.470 --> 01:32.250
So to get started, I'm going to do a get checkout master.

01:32.250 --> 01:34.830
I'll then verify that I see all the changes

01:34.830 --> 01:36.540
that I just made to my project.

01:36.540 --> 01:39.210
So there's the two files we just added.

01:39.210 --> 01:42.180
I'm gonna do a get ad and a commit

01:42.180 --> 01:43.980
so I'll say added,

01:43.980 --> 01:45.633
certificate and issuer.

01:47.310 --> 01:51.033
And then I'm going to do a get push origin master.

01:52.500 --> 01:54.630
Oops, it looks like I've made a couple changes

01:54.630 --> 01:56.280
to my project up on GetHub.

01:56.280 --> 01:57.113
My mistake.

01:57.113 --> 01:59.640
So I need to just pull my changes down to do.

01:59.640 --> 02:02.973
So I'll do a get all origin master,

02:04.080 --> 02:04.913
and then it's going

02:04.913 --> 02:07.050
to automatically create a merge request here.

02:07.050 --> 02:08.650
So I'll do a right quit like so.

02:10.470 --> 02:13.863
So now I can do a get push origin master again.

02:14.700 --> 02:15.540
And there we go.

02:15.540 --> 02:17.010
All good to go.

02:17.010 --> 02:17.940
All right, so as usual

02:17.940 --> 02:19.920
this is going to be picked up by travis CI.

02:19.920 --> 02:22.020
It's gonna run our tests and then it's going to attempt

02:22.020 --> 02:24.450
to apply all the different config files

02:24.450 --> 02:26.250
in the K eight directory.

02:26.250 --> 02:29.610
Since we just created certificate.YAML and issuer.YMAL,

02:29.610 --> 02:31.890
they will both be created automatically

02:31.890 --> 02:34.830
by our Cube CTL command running over

02:34.830 --> 02:37.740
on the Travis CI instance.

02:37.740 --> 02:39.480
That will then update our cluster,

02:39.480 --> 02:40.800
creating those two objects.

02:40.800 --> 02:41.910
And then we should see the cluster

02:41.910 --> 02:43.830
essentially start to spring to life

02:43.830 --> 02:46.530
with the two new resources

02:46.530 --> 02:48.930
either inside of our workload section right here

02:48.930 --> 02:50.940
or the configuration section over here.

02:50.940 --> 02:52.290
And honestly, we should actually eventually

02:52.290 --> 02:53.670
see the configuration section,

02:53.670 --> 02:55.020
get that new certificate

02:55.020 --> 02:57.810
that we just asked to be created and stored.

02:57.810 --> 02:59.670
All right, so we're gonna take a pause right here.

02:59.670 --> 03:02.700
I'm gonna let Travis CI kick in and do its little thing.

03:02.700 --> 03:03.780
And now I'm just gonna stick around

03:03.780 --> 03:07.110
for about 5 or 10 minutes and allow time for Cert Manager

03:07.110 --> 03:09.180
to reach out and get that certificate.

03:09.180 --> 03:11.880
So in total, I'm gonna wait maybe 10, 15 minutes or so.

03:11.880 --> 03:14.880
So I'll take a quick break and see you in just a little bit.