Comments (4)
Hi @paulwitt where is the hostNetwork config? I'm trying to run vault on EKS as well and the injector fails to initialize in the deployment
from vault-k8s.
Hi @paulwitt where is the hostNetwork config? I'm trying to run vault on EKS as well and the injector fails to initialize in the deployment
I'm not sure I understand the question (probably because it's the weekend and I shut this part of my brain off on the weekend) but by host network I mean simply to tell k8s that the pod needs to use whatever network your EC2s are using. In our case it's a 10. subnet. This is just done by using hostNetwork: true
in your deployment yaml. All you're looking for is the IP of your pod to match the IP of your EC2 (kubectl get pods -o wide
)
Does that answer your question?
from vault-k8s.
Hi @paulwitt where is the hostNetwork config? I'm trying to run vault on EKS as well and the injector fails to initialize in the deployment
I'm not sure I understand the question (probably because it's the weekend and I shut this part of my brain off on the weekend) but by host network I mean simply to tell k8s that the pod needs to use whatever network your EC2s are using. In our case it's a 10. subnet. This is just done by using
hostNetwork: true
in your deployment yaml. All you're looking for is the IP of your pod to match the IP of your EC2 (kubectl get pods -o wide
)Does that answer your question?
thx for responding @paulwitt. my issue turned out to be something else. i'm good now.
from vault-k8s.
Looks like this was added in hashicorp/vault-helm#471
from vault-k8s.
Related Issues (20)
- Allow configuration of the init/sidecar container names globally HOT 1
- Injected config tries to use IRSA token instead of the k8s service account token
- Webhook tries to add initContainer during UPDATE HOT 4
- Stuned deleting of a pod whose parents are job.
- vault.hashicorp.com/agent-init-first does not work with init containers coming from annotations
- Azure authentication method doesn't work with federated token
- Support for an agent-image built FROM scratch
- Auth config block can support common arguments from env and flags
- Tokens not revoked on Vault Agent Shutdown created via a Job using the /agent/v1/quit endpoint HOT 3
- Pipeline Request: Rebuild Dockerhub Image HOT 1
- Support for a securityContext.seccompProfile configuration HOT 1
- Support vault secret inject while the main pod "automountServiceAccountToken" set false HOT 1
- [controller-runtime] log.SetLogger(...) was never called; logs will not be displayed. HOT 1
- Sidecar agent does not handle manually rotated static database secret
- Inject the Agent as a native sidecar HOT 2
- Allow patching the Agent's configuration HOT 3
- vault agent export container port for scape metrics through podmonitor
- Problems encountered using consul as a storage backend
- Problems when using GCP KMS decryption
- Injected Agent config uses `token_path` instead of `path` for `jwt` auth method
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from vault-k8s.