Highly available Vault cluster in Kubernetes
Introduction
What is Vault?
Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, or certificates. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
The introduction is copied from the official site.
I found these 2 articles, here and here, very helpful for understanding Vault and getting started. There is also a Helm chart already available. So why do I write about it again?
While learning, I prefer step-by-step instructions over an already written Helm chart. I want a close-to-production-grade, highly available Vault service, exposed via an Ingress Controller, which uses end-to-end TLS for all communication and has Auto Unseal capability. The diagram below shows the architecture.
This is the first part, which creates a single Vault cluster. The second part, here, is about Auto-Unseal.