crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 408b4bfc
🤬
  • ■ ■ ■ ■ ■ ■
    k8s/helm-consul-values.yml
    1  -global:
    2  - datacenter: vault-kubernetes-tutorial
    3  - 
    4  -client:
    5  - enabled: true
    6  - 
    7  -server:
    8  - replicas: 1
    9  - bootstrapExpect: 1
    10  - disruptionBudget:
    11  - maxUnavailable: 0
    12  - 
  • ■ ■ ■ ■ ■ ■
    k8s/helm-vault-values.yml
    1  -server:
    2  - affinity:
    3  - ha:
    4  - enabled: true
    5  - storage: raft
    6  - 
  • ■ ■ ■ ■ ■ ■
    k8s-vault-minkube-start.sh
    skipped 35 lines
    36 36   helm repo add hashicorp https://helm.releases.hashicorp.com
    37 37  fi
    38 38  kubectl create ns vault
    39  -helm upgrade --install vault hashicorp/vault --version 0.23.0 --namespace vault --values k8s/helm-vault-values.yml
    40  - 
    41  -isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Running)
    42  -while [[ $isvaultrunning != *"vault-0"* ]]; do echo "waiting for Vault1" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Running); done
    43  -while [[ $isvaultrunning != *"vault-1"* ]]; do echo "waiting for Vault2" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Running); done
    44  -while [[ $isvaultrunning != *"vault-2"* ]]; do echo "waiting for Vault3" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Running); done
     39 +helm install vault hashicorp/vault \
     40 + --set='server.ha.enabled=true' \
     41 + --set='server.ha.raft.enabled=true' \
     42 + --namespace vault
     43 +isvaultpending=$(kubectl get pods -n vault --field-selector=status.phase=Running)
     44 +while [[ $isvaultrunning != *"vault-0"* ]]; do echo "waiting for Vault1" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Pending); done
     45 +while [[ $isvaultrunning != *"vault-1"* ]]; do echo "waiting for Vault2" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Pending); done
     46 +while [[ $isvaultrunning != *"vault-2"* ]]; do echo "waiting for Vault3" && sleep 2 && isvaultrunning=$(kubectl get pods -n vault --field-selector=status.phase=Pending); done
    45 47  echo "Setting up port forwarding"
    46 48  kubectl port-forward vault-0 8200:8200 -n vault &
    47 49  echo "Unsealing Vault"
    skipped 5 lines
    53 55  echo "PLEASE COPY PASTE THE FOLLOWING VALUE: ${VAULT_UNSEAL_KEY} , you will be asked for it 3 times to unseal the vaults"
    54 56   
    55 57  kubectl exec -it vault-0 -n vault -- vault operator unseal $VAULT_UNSEAL_KEY
     58 +kubectl exec -ti vault-1 -- vault operator raft join http://vault-0.vault:8200
    56 59  kubectl exec -it vault-1 -n vault -- vault operator unseal $VAULT_UNSEAL_KEY
     60 +kubectl exec -ti vault-2 -- vault operator raft join http://vault-0.vault:8200
    57 61  kubectl exec -it vault-2 -n vault -- vault operator unseal $VAULT_UNSEAL_KEY
    58 62   
    59 63   
    skipped 61 lines
Please wait...
Page is in error, reload to recover