luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

docs: Updating vault-helm service_registration docs (#9417) 

* Adding notes about ingress and route requirements

Specifically that they require vault 1.4 with service_registration
enabled. Also removed a stray block about extraVolumes.
This commit is contained in:
Theron Voran 2020-07-10 13:02:51 -07:00 committed by GitHub
parent 23a3375f98
commit a7522738b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
website/pages/docs/platform/k8s/helm/configuration.mdx
View File

@ -121,9 +121,10 @@ and consider if they're appropriate for your deployment.
* `ingress` - Values that configure Ingress services for Vault.
~> If deploying on OpenShift, these ingress settings are ignored. Use the [`route`](#route) configuration to expose Vault on OpenShift.
~> If deploying on OpenShift, these ingress settings are ignored. Use the [`route`](#route) configuration to expose Vault on OpenShift. <br/> <br/>
If [`ha`](#ha) is enabled the Ingress will point to the active vault server via the `active` Service. This requires vault 1.4+ and [service_registration](https://www.vaultproject.io/docs/configuration/service-registration/kubernetes) to be set in the vault config.
- `enabled` (`boolean: false`) - When set to `true`, an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) service will be created. If [`ha`](#ha) is enabled the Ingress will point to the active vault server via the `active` Service.
- `enabled` (`boolean: false`) - When set to `true`, an [Ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) service will be created.
- `labels` (`dictionary: {}`) - Labels for the ingress service.
@ -155,7 +156,9 @@ and consider if they're appropriate for your deployment.
* `route` - Values that configure Route services for Vault in OpenShift
- `enabled` (`boolean: false`) - When set to `true`, a Route for Vault will be created. If [`ha`](#ha) is enabled the Route will point to the active vault server via the `active` Service.
~> If [`ha`](#ha) is enabled the Route will point to the active vault server via the `active` Service (requires vault 1.4+ and [service_registration](https://www.vaultproject.io/docs/configuration/service-registration/kubernetes) to be set in the vault config).
- `enabled` (`boolean: false`) - When set to `true`, a Route for Vault will be created.
- `labels` (`dictionary: {}`) - Labels for the Route
@ -381,11 +384,6 @@ and consider if they're appropriate for your deployment.
"sample/annotation2": "bar"
```
- `extraVolumes` - This configures the `Service` resource created for the Vault server.
- `enabled` (`boolean: true`) -
Enables a service to allow other pods running in Kubernetes to communicate with the Vault server.
- `dataStorage` - This configures the volume used for storing Vault data when not using external storage such as Consul.
- `enabled` (`boolean: true`) -

2
website/pages/docs/platform/k8s/helm/examples/ha-with-consul.mdx
View File

@ -62,4 +62,6 @@ server:
key_ring = "vault-unseal-kr"
crypto_key = "vault-unseal-key"
}
service_registration "kubernetes" {}
```