1) HashiCorp Vault
Not currently in use (using bitnami sealed-secrets instead); left for reference
1.1) Create persistentVolume and ingressRoute
Requires specifying a uid & gid in the flexvolSMB-persistentVolume
kubectl create namespace vault
kubectl apply -f services/Vault/persistentVolume-Vault.yml
kubectl apply -f services/Vault/ingressRoute-Vault.yml
1.2) Install Helm Chart
REMOVED; left for reference. See HashiCorp Vault:
helm repo add hashicorp https://helm.releases.hashicorp.com
helm repo update
helm install vault hashicorp/vault --namespace vault --values=services/Vault/chart-values.yml
Configure Vault for use:
- Enable Kubernetes authentication (see https://www.vaultproject.io/api-docs/auth/kubernetes)
- Store basic access policy template
- Enable kv-engine
# kubectl exec -n vault -it vault-0 -- sh
# It might be necessary to first login with an existing token:
# vault login
cat <<EOF > /home/vault/app-policy.hcl
path "secret*" {
  capabilities = ["read"]
}
EOF
vault secrets enable -path=secret -version=2 kv
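
The path "secret*" in the policy template above is a prefix match, so it grants read on every path that begins with "secret", including other mounts with such a name. The following is an added example, not part of the original notes: it models Vault's policy path matching (trailing "*" and "+" only, no priority rules) to compare that path with a narrower one. The "secret/data/app/*" layout, the "secrets-prod" mount and the request paths are constructed assumptions.

```python
# Added example: simplified model of Vault ACL policy path matching.
# Modelled: trailing "*" (prefix glob) and "+" (exactly one path segment).
# Not modelled: priority between several matching policy paths.

def policy_path_matches(policy_path, request_path):
    """Return True if request_path is covered by policy_path."""
    policy_path = policy_path.lstrip("/")
    request_path = request_path.lstrip("/")
    is_prefix = policy_path.endswith("*")
    if is_prefix:
        policy_path = policy_path[:-1]
    pol = policy_path.split("/")
    req = request_path.split("/")
    # Without a trailing "*", the number of segments must be identical.
    if len(req) < len(pol) or (not is_prefix and len(req) != len(pol)):
        return False
    # All segments before the last policy segment must match exactly or be "+".
    for want, got in zip(pol[:-1], req):
        if want != "+" and want != got:
            return False
    tail = "/".join(req[len(pol) - 1:])
    last = pol[-1]
    if last == "+":
        return True
    return tail.startswith(last) if is_prefix else tail == last


def covered(policy_path, request_paths):
    """List the request paths a policy path would grant."""
    return [p for p in request_paths if policy_path_matches(policy_path, p)]


# Constructed request paths. With the kv engine mounted at "secret" as
# version 2, reads go to secret/data/<name>; "secrets-prod" is a
# hypothetical second mount that only shares the name prefix.
SAMPLE_PATHS = [
    "secret/data/app/db",
    "secret/data/other/db",
    "secret/metadata/app/db",
    "secrets-prod/data/app/db",
    "sys/mounts",
]

if __name__ == "__main__":
    for policy in ('secret*', 'secret/data/app/*'):
        print(policy, "->", covered(policy, SAMPLE_PATHS))
```

Run against the sample paths, "secret*" covers four of the five, while "secret/data/app/*" covers only the one application secret.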