From ca3c3c9be5f8c21b9fcee4a555474bc2e8d42a32 Mon Sep 17 00:00:00 2001 From: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com> Date: Tue, 2 Feb 2021 16:37:34 -0500 Subject: [PATCH] k8s doc: update for 0.9.1 and 0.8.0 releases (#10825) * k8s doc: update for 0.9.1 and 0.8.0 releases * Update website/content/docs/platform/k8s/helm/configuration.mdx Co-authored-by: Theron Voran Co-authored-by: Theron Voran --- .../content/docs/platform/k8s/helm/configuration.mdx | 8 ++++---- .../k8s/helm/examples/enterprise-dr-with-raft.mdx | 4 ++-- .../k8s/helm/examples/enterprise-perf-with-raft.mdx | 4 ++-- .../k8s/helm/examples/enterprise-with-raft.mdx | 2 +- website/content/docs/platform/k8s/helm/index.mdx | 7 ++++--- website/content/docs/platform/k8s/helm/openshift.mdx | 7 ++++--- website/content/docs/platform/k8s/helm/run.mdx | 11 ++++++----- .../docs/platform/k8s/injector/annotations.mdx | 9 ++++++++- .../docs/platform/k8s/injector/installation.mdx | 2 +- 9 files changed, 32 insertions(+), 22 deletions(-) diff --git a/website/content/docs/platform/k8s/helm/configuration.mdx b/website/content/docs/platform/k8s/helm/configuration.mdx index 5a54830dd9..a8014e2eb4 100644 --- a/website/content/docs/platform/k8s/helm/configuration.mdx +++ b/website/content/docs/platform/k8s/helm/configuration.mdx @@ -144,10 +144,10 @@ and consider if they're appropriate for your deployment. podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: - matchLabels: - app: {{ template "vault.name" . }} - release: "{{ .Release.Name }}" - component: injector + matchLabels: + app.kubernetes.io/name: {{ template "vault.name" . }}-agent-injector + app.kubernetes.io/instance: "{{ .Release.Name }}" + component: webhook topologyKey: kubernetes.io/hostname ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx index f4bd1762c6..278ec42421 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx @@ -22,7 +22,7 @@ First, create the primary cluster: ```shell helm install vault-primary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.5.4_ent' \ + --set='server.image.tag=1.6.2_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` @@ -74,7 +74,7 @@ disaster recovery replication. ```shell helm install vault-secondary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.5.4_ent' \ + --set='server.image.tag=1.6.2_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx index 61e98d8ea0..097ee001b8 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx @@ -22,7 +22,7 @@ First, create the primary cluster: ```shell helm install vault-primary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.5.4_ent' \ + --set='server.image.tag=1.6.2_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` @@ -73,7 +73,7 @@ With the primary cluster created, next create a secondary cluster. ```shell helm install vault-secondary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.5.4_ent' \ + --set='server.image.tag=1.6.2_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx index 825f7f111c..ddedceff5a 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx @@ -16,7 +16,7 @@ Integrated storage (raft) can be enabled using the `server.ha.raft.enabled` valu ```shell helm install vault hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.5.4_ent' \ + --set='server.image.tag=1.6.2_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/index.mdx b/website/content/docs/platform/k8s/helm/index.mdx index 2bbc3f245f..ac11adca46 100644 --- a/website/content/docs/platform/k8s/helm/index.mdx +++ b/website/content/docs/platform/k8s/helm/index.mdx @@ -36,7 +36,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -58,13 +58,14 @@ Installing a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart hashicorp/vault 0.8.0 1.5.4 Official HashiCorp Vault Chart hashicorp/vault 0.7.0 1.5.2 Official HashiCorp Vault Chart hashicorp/vault 0.6.0 1.4.2 Official HashiCorp Vault Chart -# Install version 0.9.0 -$ helm install vault hashicorp/vault --version 0.9.0 +# Install version 0.9.1 +$ helm install vault hashicorp/vault --version 0.9.1 ``` ~> **Security Warning:** By default, the chart runs in standalone mode. This diff --git a/website/content/docs/platform/k8s/helm/openshift.mdx b/website/content/docs/platform/k8s/helm/openshift.mdx index 18165cb79b..8627a73013 100644 --- a/website/content/docs/platform/k8s/helm/openshift.mdx +++ b/website/content/docs/platform/k8s/helm/openshift.mdx @@ -70,7 +70,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -89,13 +89,14 @@ Or install a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart hashicorp/vault 0.8.0 1.5.4 Official HashiCorp Vault Chart hashicorp/vault 0.7.0 1.5.2 Official HashiCorp Vault Chart hashicorp/vault 0.6.0 1.4.2 Official HashiCorp Vault Chart -# Install version 0.9.0 -$ helm install vault hashicorp/vault --version 0.9.0 +# Install version 0.9.1 +$ helm install vault hashicorp/vault --version 0.9.1 ``` The `helm install` command accepts parameters to override default configuration diff --git a/website/content/docs/platform/k8s/helm/run.mdx b/website/content/docs/platform/k8s/helm/run.mdx index 1ce9c1aa7c..6db19a3dd2 100644 --- a/website/content/docs/platform/k8s/helm/run.mdx +++ b/website/content/docs/platform/k8s/helm/run.mdx @@ -54,7 +54,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -73,13 +73,14 @@ Or install a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart hashicorp/vault 0.8.0 1.5.4 Official HashiCorp Vault Chart hashicorp/vault 0.7.0 1.5.2 Official HashiCorp Vault Chart hashicorp/vault 0.6.0 1.4.2 Official HashiCorp Vault Chart -# Install version 0.9.0 -$ helm install vault hashicorp/vault --version 0.9.0 +# Install version 0.9.1 +$ helm install vault hashicorp/vault --version 0.9.1 ``` The `helm install` command accepts parameters to override default configuration @@ -422,14 +423,14 @@ Next, list the Helm versions and choose the desired version to install. ```bash helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart ``` Next, test the upgrade with `--dry-run` first to verify the changes sent to the Kubernetes cluster. ```shell-session -$ helm upgrade vault hashicorp/vault --version=0.9.0 \ +$ helm upgrade vault hashicorp/vault --version=0.9.1 \ --set='server.image.repository=vault' \ --set='server.image.tag=123.456' \ --dry-run diff --git a/website/content/docs/platform/k8s/injector/annotations.mdx b/website/content/docs/platform/k8s/injector/annotations.mdx index 813ac4b4a8..e89d21ee00 100644 --- a/website/content/docs/platform/k8s/injector/annotations.mdx +++ b/website/content/docs/platform/k8s/injector/annotations.mdx @@ -153,6 +153,10 @@ them, optional commands to run, etc. - `vault.hashicorp.com/agent-cache-listener-port` - configures Vault Agent cache listening port. Defaults to `8080`. +- `vault.hashicorp.com/agent-copy-volume-mounts` - copies the mounts from the specified + container and mounts them to the Vault Agent containers. The service account volume is + ignored. + ## Vault Annotations Vault annotations change how the Vault Agent containers communicate with Vault. For @@ -184,6 +188,9 @@ etc. - `vault.hashicorp.com/log-level` - configures the verbosity of the Vault Agent log level. Default is `info`. +- `vault.hashicorp.com/log-format` - configures the log type for Vault Agent. Possible + values are `standard` and `json`. Default is `standard`. + - `vault.hashicorp.com/namespace` - configures the Vault Enterprise namespace to be used when requesting secrets from Vault. @@ -202,4 +209,4 @@ etc. - `vault.hashicorp.com/tls-skip-verify` - if true, configures the Vault Agent to skip verification of Vault's TLS certificate. It's not recommended to set this - value to true in a production environment. + value to true in a production environment. \ No newline at end of file diff --git a/website/content/docs/platform/k8s/injector/installation.mdx b/website/content/docs/platform/k8s/injector/installation.mdx index 5e63eff86f..94b6b15892 100644 --- a/website/content/docs/platform/k8s/injector/installation.mdx +++ b/website/content/docs/platform/k8s/injector/installation.mdx @@ -21,7 +21,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.9.0 1.6.1 Official HashiCorp Vault Chart +hashicorp/vault 0.9.1 1.6.2 Official HashiCorp Vault Chart ``` Then install the chart and enable the injection feature by setting the