Skip to content

Latest commit

 

History

History
76 lines (53 loc) · 1.58 KB

README.md

File metadata and controls

76 lines (53 loc) · 1.58 KB

Running Vault and Consul on Kubernetes

Want to learn how to build this?

Check out the post.

Want to use this project?

Prerequisites

Install:

  1. Go
  2. CloudFlare's SSL ToolKit (cfssl and cfssljson)
  3. Consul
  4. Vault
  5. Minikube

Minikube

Start the cluster:

$ minikube start --vm-driver=virtualbox
$ minikube dashboard

TLS Certificates

Create a Certificate Authority:

$ cfssl gencert -initca certs/config/ca-csr.json | cfssljson -bare certs/ca

Create the private keys and TLS certificates:

$ cfssl gencert \
    -ca=certs/ca.pem \
    -ca-key=certs/ca-key.pem \
    -config=certs/config/ca-config.json \
    -profile=default \
    certs/config/consul-csr.json | cfssljson -bare certs/consul

$ cfssl gencert \
    -ca=certs/ca.pem \
    -ca-key=certs/ca-key.pem \
    -config=certs/config/ca-config.json \
    -profile=default \
    certs/config/vault-csr.json | cfssljson -bare certs/vault

Vault and Consul

Spin up Vault and Consul on Kubernetes:

$ sh create.sh

Environment Variables

In a new terminal window, navigate to the project directory and set the following environment variables:

$ export VAULT_ADDR=https://127.0.0.1:8200
$ export VAULT_CACERT="certs/ca.pem"

Verify

$ kubectl get pods
$ vault status