f63f0912c6
Fixed typo in LetsEncrypt example Removed duplicate Datanet entry from main index.rst Reworked Use Kubernetes CPU Manager Static Policy prerequisite block. Restored fault/index version of FM toctree in top-level index. Added merged doc entries to top level index.rst. Incorporated review comments. Also some generic formatting clean-up such as converting abbreviations to rST-style :abbr: markup. Moved url with embedded substitution out of code-block. Addressed patch 2 review comments. Some addtional rST tidying. See comment replies for open questions/issues. This patch fixes an issue with 'stx' in filenames that may differ downstream using-an-image-from-the-local-docker-registry-in-a-container-spec new substitution and changing code-blocks to parsed-literals as required. Initial submission for review. Note that a couple of references to WR persist in examples. These will be marked up with comments in the review. Signed-off-by: Stone <ronald.stone@windriver.com> Change-Id: I1efef569842caff5def9dc00395b594d91d7a5d0 Signed-off-by: Stone <ronald.stone@windriver.com>
1.3 KiB
1.3 KiB
Vault Aware
The Vault Aware method involves writing an application to connect directly to a Vault server using Vault REST APIs. The Vault REST APIs requires an existing Auth method and policy to be created; the specific method depends on the client libraries used.
The Vault REST API is used to allow an application to read and/or write secrets to Vault, provided the applicable policy gives read and/or write permission at the specified Vault path. The Vault REST API can be accessed from application containers using the Vault endpoint sva-vault. Run the following command to view Vault endpoints:
$ kubectl get svc -n vault- Vault REST API:
- Client libraries: https://www.vaultproject.io/api/libraries.html
- Connect Vault with Python using the HVAC library: https://github.com/hvac/hvac