feat(vault): deploy HashiCorp Vault 2.0.1 via Helm chart (5-replica HA raft) #148
@@ -18,6 +18,13 @@ metadata:
|
||||
spec:
|
||||
gatewayClassName: traefik-internal
|
||||
listeners:
|
||||
- name: http
|
||||
|
unkinben marked this conversation as resolved
Outdated
|
||||
port: 80
|
||||
protocol: HTTP
|
||||
hostname: vault.k8s.syd1.au.unkin.net
|
||||
allowedRoutes:
|
||||
namespaces:
|
||||
from: Same
|
||||
- name: https
|
||||
port: 443
|
||||
protocol: HTTPS
|
||||
|
||||
@@ -1,6 +1,31 @@
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: vault-http-redirect
|
||||
namespace: vault
|
||||
labels:
|
||||
app.kubernetes.io/name: vault
|
||||
app.kubernetes.io/instance: vault
|
||||
spec:
|
||||
hostnames:
|
||||
- vault.k8s.syd1.au.unkin.net
|
||||
|
unkinben marked this conversation as resolved
Outdated
unkinben
commented
I want this to respond to vault.service.consul and vault.query.consul too I want this to respond to vault.service.consul and vault.query.consul too
|
||||
parentRefs:
|
||||
- name: vault
|
||||
sectionName: http
|
||||
rules:
|
||||
- filters:
|
||||
- type: RequestRedirect
|
||||
requestRedirect:
|
||||
scheme: https
|
||||
statusCode: 301
|
||||
matches:
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /
|
||||
---
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
name: vault
|
||||
namespace: vault
|
||||
|
||||
Reference in New Issue
Block a user
also listen on tcp 8200 to match the current production vault environment