Giter Site home page Giter Site logo

hashitalks-aks-pod-id's Introduction

Running Vault on AKS with Pod Identity

This repository was developed for use with my HashiTalks presentation on February 20, 2020. The intention was to demonstrate using the AKS Pod Identity project with a HashiCorp Vault deployment running on Kubernetes. The Pod Identity project would be used to provide an MSI to the Vault pods for use with the Azure Auth setup. It would also be used to allow other pods in the cluster to authenticate to Vault and retrieve a value stored on Vault's k/v store.

Pre-requisites

You're going to need the following tools installed:

  • Azure CLI
  • kubectl
  • helm (version 3+)
  • git
  • terraform (version 0.12+)

You can run the process from Linux, Mac, or Windows

Set-up process

The setup process is pretty simple.

  1. Deploy the AKS cluster and Identity resources using Terraform.
  2. Deploy Pod Identity with Helm and add the Custom Resources
  3. Deploy Vault with Helm
  4. Configure Vault using the CLI
  5. Deploy a demo container to test the process

The Terraform configuration is in the cluster_creation directory, along with a script for running it. Once the deployment is complete, you can run through the actions in the setup.sh script in the root directory. Part of the process is cloning the Vault repo that has the Helm chart for deploying Vault. Hopefully HashiCorp switches over to an actual Helm repo, and that step will soon no longer be necessary.

hashitalks-aks-pod-id's People

Contributors

ned1313 avatar

Stargazers

Flavian Anselemo avatar H avatar Marc Chua avatar Roberto Porfiro avatar Marek Anderson avatar Paul Puvi avatar Eric Brusseau avatar Jon Seager avatar avatar Nikita Zhevnitskiy avatar Vessy avatar

Watchers

James Cloos avatar avatar Sevil Roach avatar Vessy avatar avatar

Forkers

udaykanth469 vpernankil branden-devries aleksandarstefanov-tomtom ecogit-stage ungaya

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.