P129679
/
molgenis-ops-docker-helm
1
0
Fork 0
Code Releases Activity
molgenis-ops-docker-helm/molgenis-vault
History
Fleur Kelpin 6d4d0172e0 feat (molgenis-vault): Switch backup storage to s3. 
We can host s3 compatible storage locally by deploying the stable/minio chart.
Ran into https://github.com/coreos/etcd-operator/issues/1980 and therefore downgrade the backup and restore operator images to 0.8.3.
 		2018-09-17 00:32:10 +02:00
..
charts chore (molgenis-vault): Add dependencies vault-operator and etcd-operator 2018-09-07 21:46:25 +02:00
resources feat (molgenis-vault): Switch backup storage to s3. 2018-09-17 00:32:10 +02:00
templates feat (molgenis-vault): Switch backup storage to s3. 2018-09-17 00:32:10 +02:00
.helmignore chore (molgenis-vault): helm init molgenis-vault 2018-09-07 21:46:04 +02:00
Chart.yaml doc (molgenis-vault): add icon 2018-09-07 22:45:32 +02:00
README.md feat (molgenis-vault): Switch backup storage to s3. 2018-09-17 00:32:10 +02:00
catalogIcon-molgenis-vault.svg doc (molgenis-vault): add icon 2018-09-07 22:45:32 +02:00
requirements.lock chore (molgenis-vault): Add dependencies vault-operator and etcd-operator 2018-09-07 21:46:25 +02:00
requirements.yaml chore (molgenis-vault): Add dependencies vault-operator and etcd-operator 2018-09-07 21:46:25 +02:00
values.yaml feat (molgenis-vault): Switch backup storage to s3. 2018-09-17 00:32:10 +02:00

README.md

MOLGENIS Vault helm chart

This chart creates a vault operator, but NO vault. The vault operator defines a new custom resource named vault that you can use to create vaults.

After launching the operator, create the molgenis vault manually: kubectl create -f resources/vault.yaml

That creates a new vault with two vault pods.

See https://github.com/coreos/vault-operator/blob/master/doc/user/vault.md

Parameters

Azure cloud credentials

Define credentials for backup to the Azure Blob Store. See etcd-operator documentation.

Parameter Description Default
s3.accessKeyId key id storage account AKIAIOSFODNN7EXAMPLE
s3.secretAccessKey secret access key of storage account wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
s3.region region of the storage server us-east-1
s3.endpoint endpoint for the storage server http://minio.minio.svc:9000

Backup job

Define the schedule of the backup job

Parameter Description Default
backupJob.enable Enable backup cronjob true
backupJob.schedule cron schedule for the backup 0 12 * * 1

UI

Parameter Description Default
ui.replicaCount desired number of Vault UI pod 1
ui.image.repository Vault UI container image repository djenriquez/vault-ui
ui.image.tag Vault UI container image tag latest
ui.resources Vault UI pod resource requests & limits {}
ui.nodeSelector node labels for Vault UI pod assignment {}
ui.ingress.enabled If true, Vault UI Ingress will be created true
ui.ingress.annotations Vault UI Ingress annotations {}
ui.ingress.host Vault UI Ingress hostname vault.molgenis.org
ui.ingress.tls Vault UI Ingress TLS configuration (YAML) []
ui.vault.url Vault UI default vault url https://vault.vault-operator:8200
ui.vault.auth Vault UI login method GITHUB
ui.service.name Vault UI service name vault-ui
ui.service.type type of ui service to create ClusterIP
ui.service.externalPort Vault UI service target port 8000
ui.service.internalPort Vault UI container port 8000
ui.service.nodePort Port to be used as the service NodePort (ignored if server.service.type is not NodePort) 0