diff --git a/website/content/docs/platform/k8s/vso/openshift.mdx b/website/content/docs/platform/k8s/vso/openshift.mdx new file mode 100644 index 000000000..93d5b1df5 --- /dev/null +++ b/website/content/docs/platform/k8s/vso/openshift.mdx @@ -0,0 +1,73 @@ +--- +layout: docs +page_title: Vault Secrets Operator on OpenShift +description: >- + The Vault Secrets Operator may be installed on OpenShift clusters via the embedded OperatorHub or the Helm chart. +--- + +# Run the Vault Secrets Operator on OpenShift + +The Vault Secrets Operator may be installed on OpenShift clusters via the embedded OperatorHub or the Helm chart. + +## OperatorHub + +The Vault Secrets Operator is certified by Red Hat and therefore included in the [OperatorHub section](https://access.redhat.com/documentation/en-us/openshift_container_platform/4.2/html/operators/olm-understanding-operatorhub) of an OpenShift cluster's web console. + +Navigate to the OperatorHub page of your OpenShift cluster and search for `Vault Secrets Operator`, then follow the instructions to install. + +## Helm chart + +The Vault Secrets Operator may also be installed in OpenShift using the Helm chart. (See [Installation](/vault/docs/platform/k8s/vso/installation) for an overview of installation using the [Helm chart](/vault/docs/platform/k8s/vso/helm).) The examples below show example [values.yaml files](https://helm.sh/docs/chart_template_guide/values_files/) for each configuration, which would be used with `helm install` as below: + +```shell-session +helm install vault-secrets-operator hashicorp/vault-secrets-operator \ + --create-namespace \ + --namespace vault-secrets-operator \ + --version 0.2.0 \ + --values values.yaml +``` + +For OpenShift, increasing the memory [requests and limits](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) has proven necessary in some cases, so those settings are included in the examples below. + +### Default images + +These values would use the [default operator image](/vault/docs/platform/k8s/vso/helm#v-controller-manager-image) from HashiCorp's [Docker Hub repository][dockerhub]. + +```yaml +controller: + manager: + resources: + limits: + memory: 256Mi + requests: + memory: 128Mi +``` + +### UBI-based images certified by Red Hat + +These values would use [UBI-based](https://developers.redhat.com/products/rhel/ubi) images from the [Red Hat's certified container registry](https://catalog.redhat.com/software/containers/hashicorp/vault-secrets-operator/64dd558c892694d397c4bb06). Authentication may be required. + +```yaml +controller: + kubeRbacProxy: + image: + repository: registry.redhat.io/openshift4/ose-kube-rbac-proxy + tag: v4.13.0 + manager: + image: + repository: registry.connect.redhat.com/hashicorp/vault-secrets-operator + tag: 0.2.0-ubi + resources: + limits: + memory: 256Mi + requests: + memory: 128Mi +``` + + + +UBI-based Vault Secrets Operator images are also published to HashiCorp's [DockerHub][dockerhub] and [Amazon ECR](https://gallery.ecr.aws/hashicorp/vault-secrets-operator) repositories. + + + +[dockerhub]: https://hub.docker.com/r/hashicorp/vault-secrets-operator diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index b2491f042..6666feb6e 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -1875,6 +1875,10 @@ { "title": "API Reference", "path": "platform/k8s/vso/api-reference" + }, + { + "title": "OpenShift", + "path": "platform/k8s/vso/openshift" } ] }