Add OpenShift beta support #319
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* format openshift conditionals * remove comments from vault config * added raft config for openshift
… standby services
…ion for injector in network policy
tvoran
reviewed
Jun 3, 2020
tvoran
approved these changes
Jun 3, 2020
tvoran
approved these changes
Jun 3, 2020
radudd
added a commit
to radudd/vault-helm
that referenced
this pull request
Jun 5, 2020
* Initial commit * Added openshift flag * added self signed certificate for service annotation * added OpenShift flag * Added OpenShift flag * cleanup * Cleanup * Further cleanup * Further cleanup * reverted security context on injector * Extra corrections * cleanup * Removed Raft config for OpenShift, removed generated certs for ha and standby services * Add openshift flag to global block, route disabled by default, condition for injector in network policy * Added Unit tests for OpenShift * Fixed unit test for HA statefulset for OpenShift * Removed debug log level from stateful set * Added port 8201 to networkpolicy * Updated injector image * Add openshift beta support * Add openshift beta support * Remove comments from configs * Remove vault-k8s note from values * Change route to use active service when HA Co-Authored-by: Radu Domnu <39598837+radudd@users.noreply.github.com>
radudd
added a commit
to radudd/vault-helm
that referenced
this pull request
Jun 5, 2020
* Initial commit * Added openshift flag * added self signed certificate for service annotation * added OpenShift flag * Added OpenShift flag * cleanup * Cleanup * Further cleanup * Further cleanup * reverted security context on injector * Extra corrections * cleanup * Removed Raft config for OpenShift, removed generated certs for ha and standby services * Add openshift flag to global block, route disabled by default, condition for injector in network policy * Added Unit tests for OpenShift * Fixed unit test for HA statefulset for OpenShift * Removed debug log level from stateful set * Added port 8201 to networkpolicy * Updated injector image * Add openshift beta support * Add openshift beta support * Remove comments from configs * Remove vault-k8s note from values * Change route to use active service when HA Co-authored-by: Radu Domnu <39598837+radudd@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds beta support for OpenShift Container Platform and is a fork of #289.
Added in this PR is:
global.openshiftvalue to make the helm chart compatible with OpenShift 4.xemptydirvolume to/home/vaultso Vault CLI can cache tokens for bootstrapping (permission issues on OpenShift where/home/vaultisn't owned by arbitrary UID)passthroughto allow Vault to handle TLS)This PR differed from #289 by removing auto-tls generation offered by OpenShift. This feature will need additional work and should be a separate PR to avoid complications with setup of integrated storage (Raft).
Both Vault OSS and Vault Enterprise are supported using this feature.