Add Helm instructions for Vault

author: Joe Banks <[email protected]> 2024-05-27 00:03:45 +0100
committer: Joe Banks <[email protected]> 2024-05-27 18:15:44 +0100
commit: a044ef952a9286a5eaba15446b86246a873ea0ff (patch)
tree: 65d09f4304786ee5a14baa39e821dacfe47f6a72 /kubernetes/namespaces/vault/README.md
parent: Add pydis.wtf cert to vault namespace (diff)
1 files changed, 29 insertions, 0 deletions
diff --git a/kubernetes/namespaces/vault/README.md b/kubernetes/namespaces/vault/README.md
new file mode 100644
index 0000000..5965862
--- /dev/null
+++ b/kubernetes/namespaces/vault/README.md
@@ -0,0 +1,29 @@
+# Vault
+
+We deploy an instance of [HashiCorp
+Vault](https://developer.hashicorp.com/vault) to store various types of secret
+data used on the cluster.
+
+We use it to issue X509 certificates for mutual TLS setups.
+
+As well as this, the Helm chart used allows for secret injection based on the
+annotations present in pods deployed to the cluster. See more
+[here](https://developer.hashicorp.com/vault/docs/platform/k8s/injector)
+
+# Setup
+
+1. Add the Helm repository for HashiCorp:
+
+``` sh
+$ helm repo add hashicorp https://helm.releases.hashicorp.com
+"hashicorp" has been added to your repositories
+```
+
+2. Install Vault to the `vault` namespace using the following command:
+
+``` sh
+$ helm install --create-namespace vault hashicorp/vault --namespace vault
+...
+```
+
+3. Voila, Vault is deployed in the `vault` namespace.
author	Joe Banks <[email protected]>	2024-05-27 00:03:45 +0100
committer	Joe Banks <[email protected]>	2024-05-27 18:15:44 +0100
commit	a044ef952a9286a5eaba15446b86246a873ea0ff (patch)
tree	65d09f4304786ee5a14baa39e821dacfe47f6a72 /kubernetes/namespaces/vault/README.md
parent	Add pydis.wtf cert to vault namespace (diff)