From bdce9ebd13e909814615c662c3e01c7331f26fea Mon Sep 17 00:00:00 2001 From: Theron Voran Date: Thu, 18 Nov 2021 18:08:35 -0800 Subject: [PATCH] docs: updated for vault-k8s 0.14.1 vault-helm 0.18.0 (#13199) * version bumps * updated chart options --- .../docs/platform/k8s/helm/configuration.mdx | 18 +++++------------- .../docs/platform/k8s/helm/enterprise.mdx | 2 +- .../helm/examples/enterprise-dr-with-raft.mdx | 4 ++-- .../examples/enterprise-perf-with-raft.mdx | 4 ++-- .../k8s/helm/examples/enterprise-with-raft.mdx | 2 +- .../content/docs/platform/k8s/helm/index.mdx | 10 +++++----- .../docs/platform/k8s/helm/openshift.mdx | 10 +++++----- website/content/docs/platform/k8s/helm/run.mdx | 7 +++---- .../docs/platform/k8s/injector/annotations.mdx | 2 +- .../platform/k8s/injector/installation.mdx | 2 +- 10 files changed, 26 insertions(+), 35 deletions(-) diff --git a/website/content/docs/platform/k8s/helm/configuration.mdx b/website/content/docs/platform/k8s/helm/configuration.mdx index 9cc47f56e6ee..46c37c2bfc22 100644 --- a/website/content/docs/platform/k8s/helm/configuration.mdx +++ b/website/content/docs/platform/k8s/helm/configuration.mdx @@ -67,21 +67,11 @@ and consider if they're appropriate for your deployment. - `enabled` (`boolean: true`) - When set to `true`, enables leader election for Vault Agent Injector. This is required when using auto-tls and more than 1 replica. - - `useContainer` (`boolean: false`) - The deployment of the leader-elector container will soon be removed from this chart since vault-k8s now uses an internal mechanism to determine leadership. To enable the deployment of the leader-elector container for use with vault-k8s 0.12.0 and earlier, set `useContainer=true` - - - `image` - Values that configure the Vault Agent Injector Leader Election image. - - - `repository` (`string: "gcr.io/google_containers/leader-elector"`) - The name of the leader election image for the Vault Agent Injector. - - - `tag` (`string: "0.4"`) - The tag of the Docker image for the Leader Election. **This should be pinned to a specific version when running in production.** - - - `ttl` (`string: "60s"`) - The frequency in which leader elections are performed in the Vault Agent Injector cluster. - - `image` - Values that configure the Vault Agent Injector Docker image. - `repository` (`string: "hashicorp/vault-k8s"`) - The name of the Docker image for Vault Agent Injector. - - `tag` (`string: "0.14.0"`) - The tag of the Docker image for the Vault Agent Injector. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller. + - `tag` (`string: "0.14.1"`) - The tag of the Docker image for the Vault Agent Injector. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller. - `pullPolicy` (`string: "IfNotPresent"`) - The pull policy for container images. The default pull policy is `IfNotPresent` which causes the Kubelet to skip pulling an image if it already exists. @@ -89,7 +79,7 @@ and consider if they're appropriate for your deployment. - `repository` (`string: "hashicorp/vault"`) - The name of the Docker image for the Vault Agent sidecar. This should be set to the official Vault Docker image. - - `tag` (`string: "1.8.4"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**. + - `tag` (`string: "1.9.0"`) - The tag of the Vault Docker image to use for the Vault Agent Sidecar. **Vault 1.3.1+ is required by the admission controller**. - `agentDefaults` - Values that configure the injected Vault Agent containers default values. @@ -108,6 +98,8 @@ and consider if they're appropriate for your deployment. - `exitOnRetryFailure` (`boolean: true`) - Controls whether Vault Agent exits after it has exhausted its number of template retry attempts due to failures. + - `staticSecretRenderInterval` (`string: ""`) - Configures how often Vault Agent Template should render non-leased secrets such as KV v2. See the [Vault Agent Templates documentation] (/docs/agent/template#non-renewable-secrets) for more details. + - `metrics` - Values that configure the Vault Agent Injector metric exporter. - `enabled` (`boolean: false`) - When set to `true`, the Vault Agent Injector exports Prometheus metrics at the `/metrics` path. @@ -251,7 +243,7 @@ and consider if they're appropriate for your deployment. - `repository` (`string: "hashicorp/vault"`) - The name of the Docker image for the containers running Vault. - - `tag` (`string: "1.8.4"`) - The tag of the Docker image for the containers running Vault. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller. + - `tag` (`string: "1.9.0"`) - The tag of the Docker image for the containers running Vault. **This should be pinned to a specific version when running in production.** Otherwise, other changes to the chart may inadvertently upgrade your admission controller. - `pullPolicy` (`string: "IfNotPresent"`) - The pull policy for container images. The default pull policy is `IfNotPresent` which causes the Kubelet to skip pulling an image if it already exists. diff --git a/website/content/docs/platform/k8s/helm/enterprise.mdx b/website/content/docs/platform/k8s/helm/enterprise.mdx index a0b7c2414769..48741266997d 100644 --- a/website/content/docs/platform/k8s/helm/enterprise.mdx +++ b/website/content/docs/platform/k8s/helm/enterprise.mdx @@ -31,7 +31,7 @@ In your chart overrides, set the values of [`server.image`](/docs/platform/k8s/h server: image: repository: hashicorp/vault-enterprise - tag: 1.8.4_ent + tag: 1.9.0_ent enterpriseLicense: secretName: vault-ent-license ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx index 964e3156811b..3ca5b2f12fbe 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-dr-with-raft.mdx @@ -23,7 +23,7 @@ First, create the primary cluster: ```shell helm install vault-primary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.8.4_ent' \ + --set='server.image.tag=1.9.0_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` @@ -75,7 +75,7 @@ disaster recovery replication. ```shell helm install vault-secondary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.8.4_ent' \ + --set='server.image.tag=1.9.0_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx index 74d9eba5862f..87e4f3a45c0d 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-perf-with-raft.mdx @@ -23,7 +23,7 @@ First, create the primary cluster: ```shell helm install vault-primary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.8.4_ent' \ + --set='server.image.tag=1.9.0_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` @@ -74,7 +74,7 @@ With the primary cluster created, next create a secondary cluster. ```shell helm install vault-secondary hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.8.4_ent' \ + --set='server.image.tag=1.9.0_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx b/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx index 3a2b6a8dceb5..39a168cea23e 100644 --- a/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx +++ b/website/content/docs/platform/k8s/helm/examples/enterprise-with-raft.mdx @@ -15,7 +15,7 @@ Integrated storage (raft) can be enabled using the `server.ha.raft.enabled` valu ```shell helm install vault hashicorp/vault \ --set='server.image.repository=hashicorp/vault-enterprise' \ - --set='server.image.tag=1.8.4_ent' \ + --set='server.image.tag=1.9.0_ent' \ --set='server.ha.enabled=true' \ --set='server.ha.raft.enabled=true' ``` diff --git a/website/content/docs/platform/k8s/helm/index.mdx b/website/content/docs/platform/k8s/helm/index.mdx index b8ddea6da2b4..3444d868fa90 100644 --- a/website/content/docs/platform/k8s/helm/index.mdx +++ b/website/content/docs/platform/k8s/helm/index.mdx @@ -35,7 +35,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -57,17 +57,17 @@ Installing a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart +hashicorp/vault 0.17.1 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.16.1 1.8.3 Official HashiCorp Vault Chart hashicorp/vault 0.16.0 1.8.2 Official HashiCorp Vault Chart hashicorp/vault 0.15.0 1.8.1 Official HashiCorp Vault Chart hashicorp/vault 0.14.0 1.8.0 Official HashiCorp Vault Chart hashicorp/vault 0.13.0 1.7.3 Official HashiCorp Vault Chart -hashicorp/vault 0.12.0 1.7.2 Official HashiCorp Vault Chart -hashicorp/vault 0.11.0 1.7.0 Official HashiCorp Vault Chart -# Install version 0.17.0 -$ helm install vault hashicorp/vault --version 0.17.0 +# Install version 0.18.0 +$ helm install vault hashicorp/vault --version 0.18.0 ``` ~> **Security Warning:** By default, the chart runs in standalone mode. This diff --git a/website/content/docs/platform/k8s/helm/openshift.mdx b/website/content/docs/platform/k8s/helm/openshift.mdx index 999a3900ee1f..51de15e4de17 100644 --- a/website/content/docs/platform/k8s/helm/openshift.mdx +++ b/website/content/docs/platform/k8s/helm/openshift.mdx @@ -69,7 +69,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -88,17 +88,17 @@ Or install a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart +hashicorp/vault 0.17.1 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.16.1 1.8.3 Official HashiCorp Vault Chart hashicorp/vault 0.16.0 1.8.2 Official HashiCorp Vault Chart hashicorp/vault 0.15.0 1.8.1 Official HashiCorp Vault Chart hashicorp/vault 0.14.0 1.8.0 Official HashiCorp Vault Chart hashicorp/vault 0.13.0 1.7.3 Official HashiCorp Vault Chart -hashicorp/vault 0.12.0 1.7.2 Official HashiCorp Vault Chart -hashicorp/vault 0.11.0 1.7.0 Official HashiCorp Vault Chart -# Install version 0.17.0 -$ helm install vault hashicorp/vault --version 0.17.0 +# Install version 0.18.0 +$ helm install vault hashicorp/vault --version 0.18.0 ``` The `helm install` command accepts parameters to override default configuration diff --git a/website/content/docs/platform/k8s/helm/run.mdx b/website/content/docs/platform/k8s/helm/run.mdx index 1343854941ca..19a91d471e7e 100644 --- a/website/content/docs/platform/k8s/helm/run.mdx +++ b/website/content/docs/platform/k8s/helm/run.mdx @@ -53,7 +53,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart ``` -> **Important:** The Helm chart is new and under significant development. @@ -72,15 +72,14 @@ Or install a specific version of the chart. # List the available releases $ helm search repo hashicorp/vault -l NAME CHART VERSION APP VERSION DESCRIPTION +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart +hashicorp/vault 0.17.1 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart hashicorp/vault 0.16.1 1.8.3 Official HashiCorp Vault Chart hashicorp/vault 0.16.0 1.8.2 Official HashiCorp Vault Chart hashicorp/vault 0.15.0 1.8.1 Official HashiCorp Vault Chart hashicorp/vault 0.14.0 1.8.0 Official HashiCorp Vault Chart hashicorp/vault 0.13.0 1.7.3 Official HashiCorp Vault Chart -hashicorp/vault 0.12.0 1.7.2 Official HashiCorp Vault Chart -hashicorp/vault 0.11.0 1.7.0 Official HashiCorp Vault Chart -hashicorp/vault 0.10.0 1.7.0 Official HashiCorp Vault Chart # Install version 0.17.0 $ helm install vault hashicorp/vault --version 0.17.0 diff --git a/website/content/docs/platform/k8s/injector/annotations.mdx b/website/content/docs/platform/k8s/injector/annotations.mdx index 187f8f08ffcd..df959a769406 100644 --- a/website/content/docs/platform/k8s/injector/annotations.mdx +++ b/website/content/docs/platform/k8s/injector/annotations.mdx @@ -28,7 +28,7 @@ them, optional commands to run, etc. - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This value overrides the default image configured in the controller and is usually - not needed. Defaults to `hashicorp/vault:1.8.4`. + not needed. Defaults to `hashicorp/vault:1.9.0`. - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent init container first if `true` (last if `false`). This is useful when other init diff --git a/website/content/docs/platform/k8s/injector/installation.mdx b/website/content/docs/platform/k8s/injector/installation.mdx index 8672e549ef44..f3678b66069b 100644 --- a/website/content/docs/platform/k8s/injector/installation.mdx +++ b/website/content/docs/platform/k8s/injector/installation.mdx @@ -20,7 +20,7 @@ $ helm repo add hashicorp https://helm.releases.hashicorp.com $ helm search repo hashicorp/vault NAME CHART VERSION APP VERSION DESCRIPTION -hashicorp/vault 0.17.0 1.8.4 Official HashiCorp Vault Chart +hashicorp/vault 0.18.0 1.9.0 Official HashiCorp Vault Chart ``` Then install the chart and enable the injection feature by setting the