Go
Need help with vault-k8s?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.
hashicorp

Description

First-class support for Vault and Kubernetes.

345 Stars 67 Forks Mozilla Public License 2.0 81 Commits 70 Opened issues

Services available

Need anything else?

Vault + Kubernetes (vault-k8s)

The

vault-k8s
binary includes first-class integrations between Vault and Kubernetes. Currently the only integration in this repository is the Vault Agent Sidecar Injector (
agent-inject
). In the future more integrations will be found here.

The Kubernetes integrations with Vault are documented directly on the Vault website. This README will present a basic overview of each use case, but for full documentation please reference the Vault website.

This project is versioned separately from Vault. Supported Vault versions for each feature will be noted below. By versioning this project separately, we can iterate on Kubernetes integrations more quickly and release new versions without forcing Vault users to do a full Vault upgrade.

Features

  • Agent Inject: Agent Inject is a mutation webhook controller that injects Vault Agent containers into pods meeting specific annotation criteria. (Requires Vault 1.3.1+)

Installation

vault-k8s
is distributed in multiple forms:
  • The recommended installation method is the official Vault Helm chart. This will automatically configure the Vault and Kubernetes integration to run within an existing Kubernetes cluster.

  • A Docker image

    hashicorp/vault-k8s
    is available. This can be used to manually run

    vault-k8s
    within a scheduled environment.
  • Raw binaries are available in the HashiCorp releases directory. These can be used to run vault-k8s directly or build custom packages.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.