starlingx/docs
Code Issues Proposed changes
d466920c10
docs/doc/source/security/kubernetes/install-vault.rst
Dinesh Neelapu 3f34596403 vault chart version. 
Actual changes are already merged. This review is opened for a small fix.
For additional information for review approvals, see https://review.opendev.org/c/starlingx/docs/+/903150.

Change-Id: I2e0a6e1a5aa577fa9b2411ee3a21514f870ab23d
Signed-off-by: Dinesh Neelapu <dinesh.neelapu@windriver.com>
2023-12-11 03:13:30 +00:00

1.7 KiB
Raw Blame History

Install Vault

Vault is packaged as a system application and is managed using system application, and system helm-override commands.

Note

Vault requires a storage backend with PVC enabled (for example, Ceph).

To install Vault, use the following procedure:

  1. Locate the Vault tarball in /usr/local/share/applications/helm.

    For example, /usr/local/share/applications/helm/vault-<version>.tgz.

  2. Upload Vault, using the following command:

    $ system application-upload ``/usr/local/share/applications/helm/vault-<version>.tgz``

    Replace the <version> with appropriate version number.

  3. Verify the Vault tarball has been uploaded.

    $ system application-list

  4. Apply the Vault application.

    $ system application-apply vault

  5. Monitor the status.

    $ watch -n 5 system application-list

    or

    $ watch kubectl get pods -n vault

    It takes a few minutes for all the pods to start and for Vault-manager to initialize the cluster.

    The default configuration for the installed Vault application is:

    Vault-manager

    Runs as a statefulset, replica count of 1

    Vault-agent-injector

    Runs as a deployment, replica count of 1

    Vault

    Runs as statefulset, replica count is 1 on systems with fewer than 3 nodes, replica count is 3 on systems with 3 or more nodes

For more information, see Configure Vault <configure-vault>.