Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The following sections assume that you are familiar with Load Balancing and MetalLB [INT ENT XY21.Z 3 ARC] and with the basic concepts of SSL/TLS.

...

The default product setup for Vidispine Enterprise MAM is to do TLS termination on the ingress controllers. When using MetalLB in layer-2 mode this is the preferred way to go.

...

Expand
titleDraw.io diagram view with the standard Confluence view.
Drawio
zoom1
simple0
inComment0
pageId1588759405
custContentId1588595789
lbox1
diagramDisplayNameTLS Termination On Ingress Controller
contentVer1
revision1
baseUrlhttps://vidispine.atlassian.net/wiki
diagramNameTLS Termination On Ingress Controller
pCenter0
width1098.0000000000002
links
tbstyle
height603.0000000000002

TLS Termination On External Load Balancer

When an external load balancer is used, TLS termination may be done by the load balancer. As updating the certificates is a regular task, this can then be done w/o touching the Kubernetes cluster.

...

Expand
titleDraw.io diagram view with the standard Confluence view.
Drawio
zoom1
simple0
inComment0
pageId1588759405
custContentId1588726965
lbox1
diagramDisplayNameTLS Termination On External Load Balancer
contentVer1
revision1
baseUrlhttps://vidispine.atlassian.net/wiki
diagramNameTLS Termination On External Load Balancer
pCenter0
width1098
links
tbstyle
height603

Certificate Requirements

The key building block for TLS termination are certificates. They serve two major purposes:

...