
ipedrazas / vault-charts

Licence: MIT license
Charts to deploy Hashicorp Vault in Kubernetes


Vault charts

There are 2 charts in this repo:

  • Vault
  • Vault-ui

Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Through a unified API, users can access an encrypted Key/Value store and network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more.

Running the helm chart

The easiest way to run Vault is in dev mode (please do not use it in production).

helm install charts/vault

If you want to use the production mode you have to update the config.json key in the secret. Currently it is set up to use AWS S3 as the backend:

storage "s3" {
  access_key = "xxx"
  secret_key = "xxx"
  bucket     = "vault-bucket"
}

listener "tcp" {
  address     = "0.0.0.0:8200"
  tls_disable = 1
}
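
The config above disables TLS on the listener and embeds static AWS keys in the file. The check below is an added example, not part of this repo: it flags both settings and includes a constructed alternative that passes. `audit_vault_config`, the file names and the certificate paths are hypothetical.

```bash
# Added example: lint a Vault server config before it goes into the chart's secret.
# hardened.hcl and its certificate paths are assumptions, not values from the chart.

# Prints one finding per line; returns 0 only when nothing was flagged.
audit_vault_config() {
  local cfg="$1" findings=0
  # tls_disable = 1 / true: tokens and unseal keys travel in clear text.
  if grep -Eq '^[[:space:]]*tls_disable[[:space:]]*=[[:space:]]*"?(1|true)"?' "$cfg"; then
    echo "listener: tls_disable is set, API traffic is unencrypted"
    findings=$((findings + 1))
  fi
  # Static AWS keys become readable by anyone who can read the secret.
  if grep -Eq '^[[:space:]]*(access_key|secret_key)[[:space:]]*=' "$cfg"; then
    echo "storage: static AWS credentials are embedded in the config"
    findings=$((findings + 1))
  fi
  [ "$findings" -eq 0 ]
}

sample_dir=$(mktemp -d)
# The config shown above, copied as-is.
cat > "$sample_dir/weak.hcl" <<'EOF'
storage "s3" {
  access_key = "xxx"
  secret_key = "xxx"
  bucket     = "vault-bucket"
}
listener "tcp" {
  address     = "0.0.0.0:8200"
  tls_disable = 1
}
EOF

# Constructed alternative: TLS on, AWS credentials taken from the
# environment or an IAM role instead of the file.
cat > "$sample_dir/hardened.hcl" <<'EOF'
storage "s3" {
  bucket = "vault-bucket"
}
listener "tcp" {
  address       = "0.0.0.0:8200"
  tls_cert_file = "/vault/tls/tls.crt"
  tls_key_file  = "/vault/tls/tls.key"
}
EOF
audit_vault_config "$sample_dir/weak.hcl" || true
audit_vault_config "$sample_dir/hardened.hcl" && echo "hardened.hcl: no findings"
```

With TLS enabled, the `vault.url` passed to the vault-ui chart would also need to use `https://`.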

Seal/Unseal process

Unsealing makes the process of automating a Vault install difficult. Automated tools can easily install, configure, and start Vault, but unsealing it is a very manual process.

This complicates the use of Vault inside of Kubernetes, because if the pod dies, Kubernetes will start the pod again but it will be sealed.

When Vault starts it has to be initialised:

vault init

Unseal Key 1: YE8GePrAGb2dH0/O/Tzz2JxNuK9PWoEY8wHJ6v
Unseal Key 2: mNlbiZXxvaKwIKMAuAjAnWPeesWJS81i1ACvQ7
Unseal Key 3: tkDd5bCpFaUuF4S9iiBf2CrM//fT+aHYBrcwVc
Unseal Key 4: 1iUerpWSW6jdj3EtXiY9W10S0ngYdonQ8do8KQ
Unseal Key 5: fNNonAC4Fe6XScR/oHlhzPFW9rQeoEj1lL/Ktk
Initial Root Token: cd6edb9a-11f51-b14d-f7568f6e2661

Vault initialized with 5 keys and a key threshold of 3. Please
securely distribute the above keys. When the vault is re-sealed,
restarted, or stopped, you must provide at least 3 of these keys
to unseal it again.

Vault does not store the master key. Without at least 3 keys,
your vault will remain permanently sealed.

Once the vault has been initialised, it has to be unsealed:

vault unseal YE8GePrAGb2dH0/VxLt3ZO/Tzz2JxNuK9PWoEY8wHJ6v
vault unseal mNlbiZXxvaKwIKMAuzUymJxAjAnWPeesWJS81i1ACvQ7
vault unseal tkDd5bCpFaUuF4SLCjLzW9iiBf2CrM//fT+aHYBrcwVc

Running Vault-ui

Once Vault has been unsealed, you can install a UI. This repo contains a chart for the vault-ui project by DJ Enriquez.

To run this chart you need 2 settings:

helm install charts/vault-ui --set vault.url=http://MY_RELEASE-vault:8200