new format of openbao.md
This commit is contained in:
parent
e8f4cfc363
commit
a6dd5fe8a8
1 changed files with 0 additions and 45 deletions
|
|
@ -1,21 +1,6 @@
|
||||||
# OpenBao michal
|
|
||||||
|
|
||||||
## 📋 Outline
|
|
||||||
- [OpenBao michal](#openbao-michal)
|
|
||||||
- [📋 Outline](#-outline)
|
|
||||||
- [🧐 What is it?](#-what-is-it)
|
|
||||||
- [📦 Main features](#-main-features)
|
|
||||||
- [⏱️ Quick start guide](#️-quick-start-guide)
|
|
||||||
- [⚙️ Configuration](#️-configuration)
|
|
||||||
- [🔗 References](#-references)
|
|
||||||
|
|
||||||
## 🧐 What is it?
|
|
||||||
|
|
||||||
[OpenBao](https://openbao.org/) is a fork of [HashiCorp Vault](https://developer.hashicorp.com/vault) which is a centralized solution for managing and securing sensitive data like authentication credentials, usernames, API tokens, and database credentials.
|
[OpenBao](https://openbao.org/) is a fork of [HashiCorp Vault](https://developer.hashicorp.com/vault) which is a centralized solution for managing and securing sensitive data like authentication credentials, usernames, API tokens, and database credentials.
|
||||||
Beyond static secrets, OpenBao supports dynamic secrets, allowing applications to generate ephemeral credentials for enhanced security.
|
Beyond static secrets, OpenBao supports dynamic secrets, allowing applications to generate ephemeral credentials for enhanced security.
|
||||||
|
|
||||||
## 📦 Main features
|
|
||||||
|
|
||||||
OpenBao's _Encrypt as a Service_ feature makes it simple to implement data encryption across your systems.
|
OpenBao's _Encrypt as a Service_ feature makes it simple to implement data encryption across your systems.
|
||||||
|
|
||||||
OpenBao's Secret Engines include:
|
OpenBao's Secret Engines include:
|
||||||
|
|
@ -26,36 +11,6 @@ OpenBao's Secret Engines include:
|
||||||
5. **Time-based One-Time Passwords** (TOTP) for two-factor authentication
|
5. **Time-based One-Time Passwords** (TOTP) for two-factor authentication
|
||||||
6. **Kubernetes Secrets** for seamless integration with containerized applications
|
6. **Kubernetes Secrets** for seamless integration with containerized applications
|
||||||
|
|
||||||
## ⏱️ Quick start guide
|
|
||||||
|
|
||||||
To initialise and unseal OpenBao follow these instructions:
|
|
||||||
|
|
||||||
1. Determine the pods running in your system with:
|
|
||||||
```
|
|
||||||
kubectl get pods -l app.kubernetes.io/name=openbao
|
|
||||||
```
|
|
||||||
|
|
||||||
2. To get the unseal key for each pod the pod _openbao-0_ run:
|
|
||||||
```
|
|
||||||
kubectl exec -ti openbao-0 -- bao operator init
|
|
||||||
```
|
|
||||||
|
|
||||||
3. And to unseal it you'll have to run the following command at least three times - each time with a different key:
|
|
||||||
```
|
|
||||||
kubectl exec -ti openbao-0 -- bao operator unseal <key>
|
|
||||||
```
|
|
||||||
|
|
||||||
4. Repeat step **2** and **3** for the rest of the pods
|
|
||||||
|
|
||||||
5. You should see _STATUS: Running_ for all pods after running
|
|
||||||
```
|
|
||||||
kubectl get pods -l app.kubernetes.io/name=openbao
|
|
||||||
```
|
|
||||||
|
|
||||||
## ⚙️ Configuration
|
|
||||||
|
|
||||||
Visit http://openbao.cnoe.localtest.me/ui/ to access the UI. From there you can easily manage and configure OpenBao.
|
|
||||||
|
|
||||||
## 🔗 References
|
## 🔗 References
|
||||||
|
|
||||||
* https://openbao.org/docs/platform/k8s/helm/run/#initialize-and-unseal-openbao
|
* https://openbao.org/docs/platform/k8s/helm/run/#initialize-and-unseal-openbao
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue