feat(vault): switch to Kubernetes service registration
Replaces Consul service registration with the native Kubernetes provider so Vault labels its own pods with active/standby status without requiring a Consul dependency.
This commit is contained in:
@@ -40,9 +40,7 @@ server:
|
||||
}
|
||||
}
|
||||
|
||||
service_registration "consul" {
|
||||
address = "consul-server.consul.svc.cluster.local:8500"
|
||||
}
|
||||
service_registration "kubernetes" {}
|
||||
|
||||
dataStorage:
|
||||
enabled: true
|
||||
@@ -50,6 +48,14 @@ server:
|
||||
storageClass: cephrbd-fast-delete
|
||||
accessMode: ReadWriteOnce
|
||||
|
||||
extraEnv:
|
||||
- name: VAULT_K8S_NAMESPACE
|
||||
value: vault
|
||||
- name: VAULT_K8S_POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
|
||||
statefulSet:
|
||||
securityContext:
|
||||
container:
|
||||
|
||||
Reference in New Issue
Block a user