##About Rootconf 2019:
The seventh edition of Rootconf is a two-track conference with:
- Security talks and tutorials in audi 1 and 2 on 21 June.
- Talks on DevOps, distributed systems and SRE in audi 1 and audi 2 on 22 June.
##Topics and schedule:
View full schedule here: https://hasgeek.com/rootconf/2019/schedule
Rootconf 2019 includes talks and Birds of Feather (BOF) sessions on:
- OSINT and its applications
- Key management, encryption and its costs
- Running a bug bounty programme in your organization
- PolarDB architecture as Cloud Native Architecture, developed by Alibaba Cloud
- Vitess
- SRE and running distributed teams
- Routing security
- Log analytics
- Enabling SRE via automated feedback loops
- TOR for DevOps
##Who should attend Rootconf?
- DevOps programmers
- DevOps leads
- Systems engineers
- Infrastructure security professionals and experts
- DevSecOps teams
- Cloud service providers
- Companies with heavy cloud usage
- Providers of the pieces on which an organization’s IT infrastructure runs -- monitoring, log management, alerting, etc
- Organizations dealing with large network systems where data must be protected
- VPs of engineering
- Engineering managers looking to optimize infrastructure and teams
For information about Rootconf and bulk ticket purchases, contact info@hasgeek.com or call 7676332020. Only community sponsorships available.
##Rootconf 2019 sponsors:
#Platinum Sponsor
 |
 |
|
#Gold Sponsors
 |
 |
 |
#Silver Sponsors
 |
 |
 |
#Bronze Sponsors
 |
 |
 |
 |
 |
 |
#Exhibition Sponsor
 |
|
|
#Community Sponsors
 |
|
 |
TR
Tasdik Rahman
@tasdikrahmangojek
Kingsly - The Cert Manager
Submitted Jun 8, 2019
Section:
Crisp talk
Technical level:
Beginner
Session type:
Lecture
Problem Statement
Manage SSL/TLS certificate lifecycle for various backends which would include but not limited to
- IPSec VPNs
- HAProxy/envoy proxy
Existing Solutions
Generate certs using openssl(error prone) or use managed solution(expensive)
Solution
- We built kingsly, which would act as broker between clients and letsencrypt, serving the clients with SSL certs.
- It takes care of renewal of certs before their expiry dates.
- extensible by writing custom clients to automate the whole manual process of updating certs with an example client.
Outline
Will go over the problem statement of how managing certs was a difficult problem for us and then how we went ahead solving it using kingsly.
Speaker bio
Product Engineer @ Gojek, Contributor to @oVirt, Backpacker, Weekend chef, theatre enthusiast.
Links
- https://blog.gojekengineering.com/introducing-kingsly-the-cert-manager-ced40746aa65
- https://github.com/gojekfarm/kingsly
- https://github.com/gojekfarm/kingsly-certbot
- https://github.com/gojekfarm/kingsly-certbot-cookbook
- https://github.com/gojekfarm/iap_auth
- https://github.com/gojekfarm/iap-auth-cookbook
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}