feat(vault): deploy HashiCorp Vault 2.0.1 via Helm chart (5-replica HA raft) #148

Merged
unkinben merged 5 commits from benvin/vault into main 2026-05-23 22:39:42 +10:00
2 changed files with 32 additions and 0 deletions
Showing only changes of commit baca4c94f1 - Show all commits
+7
View File
@@ -18,6 +18,13 @@ metadata:
spec:
gatewayClassName: traefik-internal
listeners:
- name: http
unkinben marked this conversation as resolved Outdated
Outdated
Review

also listen on tcp 8200 to match the current production vault environment

also listen on tcp 8200 to match the current production vault environment
port: 80
protocol: HTTP
hostname: vault.k8s.syd1.au.unkin.net
allowedRoutes:
namespaces:
from: Same
- name: https
port: 443
protocol: HTTPS
+25
View File
@@ -1,6 +1,31 @@
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: vault-http-redirect
namespace: vault
labels:
app.kubernetes.io/name: vault
app.kubernetes.io/instance: vault
spec:
hostnames:
- vault.k8s.syd1.au.unkin.net
unkinben marked this conversation as resolved Outdated
Outdated
Review

I want this to respond to vault.service.consul and vault.query.consul too

I want this to respond to vault.service.consul and vault.query.consul too
parentRefs:
- name: vault
sectionName: http
rules:
- filters:
- type: RequestRedirect
requestRedirect:
scheme: https
statusCode: 301
matches:
- path:
type: PathPrefix
value: /
---
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: vault
namespace: vault