Consul: Update integrate/vault/k8s for v1.21 and v1.22 #1560
Conversation
Vercel Previews Deployed
|
Broken Link CheckerNo broken links found! 🎉 |
boruszak
left a comment
boruszak
left a comment
There was a problem hiding this comment.
This was especially long, so after you implement the suggestions I'm going to need another read-through before I approve.
| </CodeBlockConfig> | ||
|
|
||
| ## Configure Kubernetes authentication roles in Vault | ||
| #### Configure Kubernetes authentication |
There was a problem hiding this comment.
| #### Configure Kubernetes authentication | |
| ### Configure Kubernetes authentication |
There was a problem hiding this comment.
@krastin is this part of the Setup PKI secrets engine for TLS and service mesh CA header? It does not seem so from the workflow...I think that this should be an H2.
| The repository contains a configuration file for your Helm chart, named `consul-ent-values.yaml`. | ||
|
|
||
| Open the file and modify the configuration to use your `$VAULT_PRIVATE_ADDR`. | ||
| #### Configure Consul Helm chart to use Vault as secrets manager |
There was a problem hiding this comment.
| #### Configure Consul Helm chart to use Vault as secrets manager | |
| ### Configure Consul Helm chart to use Vault as secrets manager |
There was a problem hiding this comment.
@krastin I think that this also should be an H2 and should be included in the workflow.
| configuration required to complete this tutorial. | ||
|
|
||
| <CodeTabs tabs={[ "HTTPS", "SSH"]}> | ||
| First, enable a key/value v2 secrets engine at the `consul/` path. |
There was a problem hiding this comment.
I think we need also Vault existence as a prerequisite.
- **Vault:** you need a running Vault cluster in your network. You can use a [local Vault dev server](/vault/tutorials/get-started/setup#set-up-the-lab) or an existing Vault deployment.
- Configure your terminal to interact with Vault cluster by setting `VAULT_ADDR`, `VAULT_CACERT`, and `VAULT_TOKEN`.
danielehc
left a comment
danielehc
left a comment
There was a problem hiding this comment.
The headers are not easy to follow. I think we should first rearrange the headers using the right depth, so that the right menu shows the workflow steps, and then we can do another review pass to see if the steps are clearly identified and correct.
boruszak
left a comment
boruszak
left a comment
There was a problem hiding this comment.
Keeping this solution simple. Accept and then this PR is ready to merge!
Co-authored-by: Jeff Boruszak <[email protected]>
krastin
dismissed
danielehc’s stale review
Daniele's earlier review was addressed and further on Jeff approved, therefore dismissing this one in order to merge
* k8s with vault integration * omit phrase In this example * Apply suggestions from code review Co-authored-by: Jeff Boruszak <[email protected]> * add further changes and propagate to v1.22.x * add note for vault dev mode * fixing links in list of steps * Apply suggestions from code review Co-authored-by: Jeff Boruszak <[email protected]> * apply codereview to other doc version --------- Co-authored-by: Jeff Boruszak <[email protected]>
3 participants
Description
This PR is part of the Consul tutorials to documentation conversion project.
The tutorial for Vault integration with Consul on K8s became a documentation page.
Links
Jira: CE-918
Deploy preview
Contributor checklists
Review urgency:
Pull request:
Content:
Reviewer checklist