No introduction found. Create it?
Install with:
helm repo add hashicorp https://helm.releases.hashicorp.com/
helm install vault hashicorp/vault -f values.yamlSee examples from other people.
| Name | Repo | Stars | Version | Timestamp |
|---|---|---|---|---|
| vault | h3mmy/bloopySphere | 63 | 0.31.0 | 12 days ago |
| vault | qjoly/GitOps | 99 | 0.32.0 | 2 months ago |
| vault | qjoly/GitOps | 99 | 0.32.0 | 2 months ago |
See the most popular values for this chart:
| Key | Types |
|---|---|
ui.enabled (7) true | boolean |
| number | |
ui.serviceType (3) ClusterIP | string |
| number | |
injector.enabled (6) false | boolean |
injector.image.repository (1) hashicorp/vault-k8s | string |
| string | |
| string | |
| string | |
| string | |
| string | |
| boolean | |
server.ingress.hosts[].host (6) vault.127.0.0.1.nip.io | string |
| string | |
server.ingress.tls[].hosts[] (6) - vault.127.0.0.1.nip.io | string |
server.ingress.tls[].secretName (6) mkcert-tls-secret | string |
| string | |
server.ingress.annotations."cert-manager.io/cluster-issuer" (3) letsencrypt-production | string |
| string | |
| string | |
| string | |
server.ingress.annotations."forecastle.stakater.com/icon" (2) https://icon.icepanel.io/Technology/svg/HashiCorp-Vault.svg | string |
| string | |
| string | |
| string | |
server.ingress.annotations."traefik.ingress.kubernetes.io/router.middlewares" (1) networking-rfc1918@kubernetescrd | string |
| string | |
| boolean | |
| boolean | |
| boolean | |
server.ha.raft.config (2) ui = true
listener "tcp" {
address = "[0.0.0.0]:8200"
cluster_address = "[0.0.0.0]:8201"
tls_cert_file = "/vault/tls/tls.crt"
tls_key_file = "/vault/tls/tls.key"
api_addr = "https://vault-active:8200"
cluster_addr = "https://vault-active:8201"
}
seal "awskms" {
region = "us-west-2"
kms_key_id = "765bd6ab-accb-421f-9ace-b31771c2887e"
}
storage "raft" {
path = "/vault/data"
retry_join {
leader_api_addr = "https://vault-0.vault-internal:8200"
leader_ca_cert_file = "/vault/tls/ca.crt"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
}
retry_join {
leader_api_addr = "https://vault-1.vault-internal:8200"
leader_ca_cert_file = "/vault/tls/ca.crt"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
}
retry_join {
leader_api_addr = "https://vault-2.vault-internal:8200"
leader_ca_cert_file = "/vault/tls/ca.crt"
leader_client_cert_file = "/vault/tls/tls.crt"
leader_client_key_file = "/vault/tls/tls.key"
}
}
service_registration "kubernetes" {}
| string |
| boolean | |
| number | |
server.volumeMounts[].mountPath (5) /vault/userconfig/init | string |
server.volumeMounts[].name (5) vault-init | string |
| boolean | |
server.volumes[].name (5) vault-init | string |
| number | |
server.volumes[].configMap.name (2) vault-init | string |
server.volumes[].secret.secretName (1) vault-server-tls | string |
| boolean | |
| string | |
server.dataStorage.accessMode (2) ReadWriteOnce | string |
server.dataStorage.mountPath (2) /vault/data | string |
server.dataStorage.storageClass (2) ceph-block | string |
| string | |
| string | |
| string | |
| string | |
| string | |
| string | |
| boolean | |
| string | |
| boolean | |
| string | |
| string | |
server.postStart[] (2) - /bin/sh | string |
| boolean | |
server.readinessProbe.path (2) /v1/sys/health?standbyok=true&sealedcode=204&uninitcode=204 | string |
| boolean | |
server.standalone.config (1) log_format = "json"
ui = true
cluster_name = "beryjuorg-prod"
plugin_directory = "/usr/local/libexec/vault"
storage "file" {
path = "/vault/data"
}
# HTTPS listener
listener "tcp" {
address = "[::]:8200"
cluster_address = "[::]:8201"
tls_disable = 1
}
telemetry {
prometheus_retention_time = "24h"
disable_hostname = true
}
| string |
server.updateStrategyType (2) RollingUpdate | string |
| string | |
| boolean | |
| boolean | |
server.extraEnvironmentVars.GOOGLE_APPLICATION_CREDENTIALS (1) /vault/userconfig/kms-vault-unseal/serviceaccount.json | string |
| string | |
| string | |
server.extraInitContainers[].args[] (1) - cd /tmp && wget https://github.com/martinbaillie/vault-plugin-secrets-github/releases/download/v2.1.0/vault-plugin-secrets-github-linux-amd64 && mv vault-plugin-secrets-github-linux-amd64 /usr/local/libexec/vault/secrets-github && chmod +x /usr/local/libexec/vault/secrets-github | string |
| string | |
| string | |
server.extraInitContainers[].name (1) github-plugin | string |
server.extraInitContainers[].volumeMounts[].mountPath (1) /usr/local/libexec/vault | string |
| string | |
| string | |
server.extraSecretEnvironmentVars[].envName (1) AWS_ACCESS_KEY_ID | string |
server.extraSecretEnvironmentVars[].secretKey (1) AWS_ACCESS_KEY_ID | string |
server.extraSecretEnvironmentVars[].secretName (1) vault-aws-creds | string |
server.extraVolumes[].name (1) kms-vault-unseal | string |
server.extraVolumes[].path (1) /vault/userconfig | string |
| string | |
server.image.repository (1) proxy.registry.beryju.io/hashicorp/vault | string |
server.image.tag (1) 1.21.4 | string |
| boolean | |
| number | |
server.livenessProbe.path (1) /v1/sys/health?standbyok=true | string |
| number | |
server.service.type (1) ClusterIP | string |
| boolean | |
| string | |
| boolean | |
| boolean | |
| number | |
| number | |
| string | |
server.tolerations (1) - key: "arm"
operator: "Exists"
| string |
csi.enabled (4) false | boolean |
global.enabled (2) false | boolean |
| boolean | |
| boolean | |
| string | |
serverTelemetry.serviceMonitor.authorization.credentials.name (1) beryju-io-vault-monitoring | string |
| boolean | |
| boolean |