starlingx/docs
Code Issues Proposed changes
docs/doc/source/security/kubernetes/install-vault.rst
Keane Lim 3c5fa979a4 Security guide update 
Re-organized topic hierarchy

Tiny edit to restart review workflow.

Squashed with Resolved index.rst conflict commit

Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5
Signed-off-by: Keane Lim <keane.lim@windriver.com>
Signed-off-by: MCamp859 <maryx.camp@intel.com>
2021-03-12 15:10:40 -05:00

74 lines
1.6 KiB
ReStructuredText
Raw Blame History

.. ngo1596216203295
.. _install-vault:
=============
Install Vault
=============
Vault is packaged as an Armada system application and is managed using
:command:`system application`, and :command:`system helm-override` commands.
.. rubric:: |context|
.. note::
Vault requires a storage backend with PVC enabled \(for example, Ceph\).
To install Vault, use the following procedure:
.. rubric:: |proc|
#. Locate the Vault tarball in /usr/local/share/applications/helm.
For example, /usr/local/share/applications/helm/vault-20.06-9.tgz.
#. Upload Vault, using the following command:
.. code-block:: none
$ system application-upload /usr/local/share/applications/helm/vault-20.06-9.tgz
#. Verify the Vault tarball has been uploaded.
.. code-block:: none
$ system application-list
#. Apply the Vault application.
.. code-block:: none
$ system application-apply vault
#. Monitor the status.
.. code-block:: none
$ watch -n 5 system application-list
or
.. code-block:: none
$ watch kubectl get pods -n vault
It takes a few minutes for all the pods to start and for Vault-manager
to initialize the cluster.
The default configuration for the installed Vault application is:
**Vault-manager**
Runs as a statefulset, replica count of 1
**Vault-agent-injector**
Runs as a deployment, replica count of 1
**Vault**
Runs as statefulset, replica count is 1 on systems with fewer
than 3 nodes, replica count is 3 on systems with 3 or more nodes
For more information, see :ref:`Configure Vault <configure-vault>`.
View Git Blame Copy Permalink