We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
We want to expose TLS endpoint with usage of provided and generation of self-signed certificate according this to Hashicorp Vault tcp configuration documentation: https://www.vaultproject.io/docs/configuration/listener/tcp
e.g.: listener "tcp" { address = "0.0.0.0:8200" tls_cert_file = "/path/to/fullchain.pem" tls_key_file = "/path/to/privkey.pem" tls_disable = false }
Parameters in configuration file should allow to work with existing previous non-TLS configuration. TLS support for version 1.2.
The text was updated successfully, but these errors were encountered:
vault login
vault kv put secret/devwebapp/config username='giraffe' password='salsa'
apiVersion: apps/v1 kind: Deployment metadata: name: devwebapp labels: app: devwebapp spec: replicas: 1 selector: matchLabels: app: devwebapp template: metadata: labels: app: devwebapp annotations: vault.hashicorp.com/agent-inject: "true" vault.hashicorp.com/role: "devweb-app" vault.hashicorp.com/agent-inject-secret-credentials.txt: "secret/data/devwebapp/config" vault.hashicorp.com/tls-skip-verify: "true" spec: serviceAccountName: internal-app containers: - name: app image: busybox command: - sleep - "3600" imagePullPolicy: IfNotPresent
kubectl logs -f $(kubectl get pods | grep devwebapp | awk '{ print $1 }') -c vault-agent-init
and look for output similar to the one below:
2020/06/25 09:24:49.417623 [INFO] (runner) rendered "(dynamic)" => "/vault/secrets/credentials.txt" 2020/06/25 09:24:49.417657 [INFO] (runner) stopping 2020-06-25T09:24:49.417Z [INFO] template.server: template server stopped 2020/06/25 09:24:49.417729 [INFO] (runner) received finish
kubectl exec -ti $(kubectl get pods | grep devwebapp | awk '{ print $1 }') -c app -- cat /vault/secrets/credentials.txt
Sorry, something went wrong.
sk4zuzu
ar3ndt
Successfully merging a pull request may close this issue.
We want to expose TLS endpoint with usage of provided and generation of self-signed certificate according this to Hashicorp Vault tcp configuration documentation:
https://www.vaultproject.io/docs/configuration/listener/tcp
e.g.:
listener "tcp" {
address = "0.0.0.0:8200"
tls_cert_file = "/path/to/fullchain.pem"
tls_key_file = "/path/to/privkey.pem"
tls_disable = false
}
Parameters in configuration file should allow to work with existing previous non-TLS configuration. TLS support for version 1.2.
The text was updated successfully, but these errors were encountered: