You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
Sean Johnson 41beff87bc
bumped vault-k8s to 0.8.0
3 weeks ago
.circleci Use docker mirror (#189) 3 months ago
.github Update jira sync github action (#192) 3 months ago
agent-inject Release v0.8.0 4 weeks ago
build/docker bumped vault-k8s to 0.8.0 3 weeks ago
deploy Release v0.8.0 4 weeks ago
helper/cert Support for multiple replicas with auto-tls (#198) 2 months ago
leader Support for multiple replicas with auto-tls (#198) 2 months ago
subcommand Release v0.8.0 4 weeks ago
version Release v0.8.0 4 weeks ago
.gitignore (enable-release-pipeline) - Changes to enable release pipeline (#108) 11 months ago
CHANGELOG.md Release v0.8.0 4 weeks ago
LICENSE Initial commit 1 year ago
Makefile Release v0.8.0 4 weeks ago
README.md added fork info to readme 6 months ago
commands.go Agent Inject Admission Webhook 0.1.0 (#2) 1 year ago
go.mod Support for multiple replicas with auto-tls (#198) 2 months ago
go.sum Support for multiple replicas with auto-tls (#198) 2 months ago
kustomization.yaml Added kustomization.yaml for kustomize remote base (#43) 1 year ago
main.go Agent Inject Admission Webhook 0.1.0 (#2) 1 year ago

README.md

Fork Info

This is a basic fork for simplifying building multi-arch Docker images since my K8s cluster is a mix of arm64 and amd64 nodes.

Vault + Kubernetes (vault-k8s)

The vault-k8s binary includes first-class integrations between Vault and Kubernetes. Currently the only integration in this repository is the Vault Agent Sidecar Injector (agent-inject). In the future more integrations will be found here.

The Kubernetes integrations with Vault are documented directly on the Vault website. This README will present a basic overview of each use case, but for full documentation please reference the Vault website.

This project is versioned separately from Vault. Supported Vault versions for each feature will be noted below. By versioning this project separately, we can iterate on Kubernetes integrations more quickly and release new versions without forcing Vault users to do a full Vault upgrade.

Features

  • Agent Inject: Agent Inject is a mutation webhook controller that injects Vault Agent containers into pods meeting specific annotation criteria. (Requires Vault 1.3.1+)

Installation

vault-k8s is distributed in multiple forms:

  • The recommended installation method is the official Vault Helm chart. This will automatically configure the Vault and Kubernetes integration to run within an existing Kubernetes cluster.

  • A Docker image hashicorp/vault-k8s is available. This can be used to manually run vault-k8s within a scheduled environment.

  • Raw binaries are available in the HashiCorp releases directory. These can be used to run vault-k8s directly or build custom packages.