<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Gclb on Brave New Geek</title><link>https://bravenewgeek.com/tag/gclb/</link><description>Recent content in Gclb on Brave New Geek</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Wed, 24 Jun 2020 11:31:44 -0500</lastBuildDate><atom:link href="https://bravenewgeek.com/tag/gclb/index.xml" rel="self" type="application/rss+xml"/><item><title>Using Google-Managed Certificates and Identity-Aware Proxy With GKE</title><link>https://bravenewgeek.com/using-google-managed-certificates-and-identity-aware-proxy-with-gke/</link><pubDate>Wed, 24 Jun 2020 11:31:44 -0500</pubDate><guid>https://bravenewgeek.com/using-google-managed-certificates-and-identity-aware-proxy-with-gke/</guid><description>&lt;p&gt;Ingress on Google Kubernetes Engine (GKE) uses a Google Cloud Load Balancer (GCLB). GCLB provides a single anycast IP that fronts all of your backend compute instances along with a lot of other &lt;a href="https://cloud.google.com/load-balancing"&gt;rich features&lt;/a&gt;. In order to create a GCLB that uses HTTPS, an SSL certificate needs to be associated with the ingress resource. This certificate can either be &lt;a href="https://cloud.google.com/load-balancing/docs/ssl-certificates/self-managed-certs"&gt;self-managed&lt;/a&gt; or &lt;a href="https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs"&gt;Google-managed&lt;/a&gt;. The benefit of using a Google-managed certificate is that they are provisioned, renewed, and managed for your domain names by Google. These managed certificates can also be configured directly with GKE, meaning we can configure our certificates the same way we declaratively configure our other Kubernetes resources such as deployments, services, and ingresses.&lt;/p&gt;</description></item></channel></rss>