K
Q

Hashicorp Vault. Kubernetes Auth

12/3/2020

Could you please say. I'm add in the volt-agent to the main pod. The secret of the norms is drawn from the volt and added to the pod, along the path /vault/secrets/credentials.txt in the format

last_vault_rotation: 2020-12-02T12:37:20.440116271+06:00
password: <password>
rotation_period: 604800
ttl: 506735
username: <username>

Deploying into kuber using helm. Question: how to make sure that the pod sees the credentials (lying in the pod file system) and pulls them up to connect to the database? I'm added this code to Helm Deployment file

        vault.hashicorp.com/agent-inject: "true"
        vault.hashicorp.com/agent-inject-status: "update"
        vault.hashicorp.com/role: "k8s_doc_user-test"
        vault.hashicorp.com/agent-inject-secret-db-creds: "database/static-creds/doc_user-test-rotate"
        vault.hashicorp.com/agent-inject-template-db-creds: |
          {{`{{- with secret "database/static-creds/doc_user-test-rotate" -}}
        postgres://{{ .Data.data.username }}:{{ .Data.data.password }}@<ip-addr>:5432/aux_db?sslmode=disable
        {{- end }}`}}

But not working

-- Yerlan
hashicorp-vault
kubernetes

Similar Questions

kubernetes not able to pull image from spark master host
Numpy and other library dependencies for Spark application on Kubernetes
Not able to delete kubernetes cluster in GKE
Istio breaks MySQL connection
Expose opensource Helm charts through Istio Gateway/VirtualService

0 Answers