Categories
containerization

keycloak certificate reloading

In my post on container lifetimes I discussed how I wanted to make keycloak perform dynamic SSL certificate reloading. The maximum lifetime of an SSL certificate is no longer dictated by the Certificate Authority, but rather a cabal of web browser developers who wield a big schwartz. I am using free certificates provided by Letsencrypt, you may think that is amateur or juvenile, but I think it’s extortion what CAs charge for a certificate.

Categories
containerization

on container lifetimes

My project uses containerization extensively and during development I’ve formed some opinions. I’ve learned that my views on process management are different than what seems to be the accepted standard.

The stack I’m working with consists of Keycloak for authentication, MySQL for database storage, Apache for HTTP, and Django to run the backend, with React on the frontend.

I’ve recently been working on orchestration, the “infrastructure as code” part of making my project run with templatable YAML files. I have a reasonably fast computer that I do primary development on, but even with that speed it takes a while to build containers and do other tasks.

The direction of containerization seems to be towards a tear it down and build a new one philosophy instead of trying to reuse existing container instances.