Compare commits
No commits in common. "537334364ac75cea5dce2555b93a59f6efa88d61" and "f34b0dc85f199afd731bbc68c7bffa7bba82ad39" have entirely different histories.
537334364a
...
f34b0dc85f
|
@ -104,8 +104,7 @@ This repository is serves also as a catalogue for Rancher. We have serveral apps
|
|||
- [Jenkins](molgenis-jenkins/README.md)
|
||||
- [NEXUS](molgenis-nexus/README.md)
|
||||
- [HTTPD](molgenis-httpd/README.md)
|
||||
- [MOLGENIS preview](molgenis-preview/README.md)
|
||||
- [MOLGENIS vault](molgenis-vault/README.md)
|
||||
- [MOLNIGES preview](molgenis-preview/README.md)
|
||||
|
||||
### Useful commands
|
||||
You can you need to know to easily develop and deploy helm-charts
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
apiVersion: "etcd.database.coreos.com/v1beta2"
|
||||
kind: "EtcdBackup"
|
||||
metadata:
|
||||
name: backup
|
||||
namespace: "vault-operator"
|
||||
spec:
|
||||
etcdEndpoints: ["https://vault-etcd-client:2379"]
|
||||
storageType: ABS
|
||||
clientTLSSecret: vault-etcd-client-tls
|
||||
abs:
|
||||
path: vault/backup
|
||||
absSecret: abs
|
|
@ -1,4 +1,3 @@
|
|||
# Use kubectl create -f restore.yaml to manually execute a restore of the vault
|
||||
apiVersion: "etcd.database.coreos.com/v1beta2"
|
||||
kind: "EtcdRestore"
|
||||
metadata:
|
||||
|
@ -11,5 +10,5 @@ spec:
|
|||
name: vault-etcd
|
||||
backupStorageType: ABS
|
||||
abs:
|
||||
path: vault/backup-<specify the backup name>
|
||||
path: vault/backup
|
||||
absSecret: abs
|
|
@ -1,4 +1,3 @@
|
|||
# Use kubectl create -f vault.yaml to manually create a vault
|
||||
apiVersion: "vault.security.coreos.com/v1alpha1"
|
||||
kind: "VaultService"
|
||||
metadata:
|
||||
|
|
|
@ -1,13 +1 @@
|
|||
Vault operator created
|
||||
|
||||
Next steps:
|
||||
|
||||
* Manually create a vault using resources/vault.yaml
|
||||
* Manually restore a backup using resources/backup.yaml
|
||||
* Unseal the vault pods
|
||||
|
||||
{{ if .Values.backupJob.enable }}
|
||||
!! Make sure to check if the backups succeed !!
|
||||
{{ else }}
|
||||
!!!!!! NO BACKUPS CONFIGURED !!!!!!
|
||||
{{ end }}
|
||||
Good luck!
|
|
@ -1,4 +1,3 @@
|
|||
# Secret to access microsoft azure block store
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
# configmap to use as a template for backup cron jobs
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
{{- if .Values.backupJob.enable }}
|
||||
# cronjob that creates etcdbackups using the etcd backup serviceaccount
|
||||
apiVersion: batch/v1beta1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
|
|
|
@ -0,0 +1,38 @@
|
|||
{{- if .Values.ingress.enabled -}}
|
||||
{{- $fullName := include "molgenis-vault.fullname" . -}}
|
||||
{{- $ingressPath := .Values.ingress.path -}}
|
||||
apiVersion: extensions/v1beta1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ $fullName }}
|
||||
labels:
|
||||
app: {{ template "molgenis-vault.name" . }}
|
||||
chart: {{ template "molgenis-vault.chart" . }}
|
||||
release: {{ .Release.Name }}
|
||||
heritage: {{ .Release.Service }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{ toYaml . | indent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range .Values.ingress.hosts }}
|
||||
- host: {{ . }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ $ingressPath }}
|
||||
backend:
|
||||
serviceName: {{ $fullName }}
|
||||
servicePort: http
|
||||
{{- end }}
|
||||
{{- end }}
|
Loading…
Reference in New Issue