A while back I wrote about how we use Vault in Kubernetes and recently a good samaritan brought it to my attention that so much has changed with our implementation that I should update/rewrite a post about our current setup. Again congrats to Martin Devlin for all the effort he has put in. Amazing engineer….
First off thanks to Martin for taking this from a POC to a product within Kubernetes. When it comes to managing secrets inside Kubernetes, Vault is our go to solution. It is not exposed externally at this time although we have considered it for external workloads. We are working with it in a couple areas…
Tagsaffinity anti-affinity aws build pipeline CI/CD pipeline codegen conference consul container containers continuous deployment cron devops docker envconsul fluentd hashicorp hipchat hubot IFTTT ingress ingress controller jenkins job jobs kafka kube-dns kubecon kubernetes kubernetes api kubernetes scheduler migration multiaz mysql nginx python python-client rds registry serviceaccount st2 stackstorm talk terraform vault