From 001ff9450fc03723d93c7b770d2af56ac2fdd50a Mon Sep 17 00:00:00 2001 From: Clint Shryock Date: Mon, 3 Dec 2018 16:08:20 -0600 Subject: [PATCH] comment out the auto-unseal blocks --- values.yaml | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/values.yaml b/values.yaml index 0bd51b9..962ca57 100644 --- a/values.yaml +++ b/values.yaml @@ -55,14 +55,15 @@ server: path = "/vault/data" } - # The GKMS keys must already exist, and the cluster must have a service - # account that is authorized to access GCP KMS, and ass - seal "gcpckms" { - project = "vault-helm-dev" - region = "global" - key_ring = "vault-helm" - crypto_key = "vault-init" - } + # Example configuration for using auto-unseal, using Google Cloud KMS. The + # GKMS keys must already exist, and the cluster must have a service account + # that is authorized to access GCP KMS. + # seal "gcpckms" { + # project = "vault-helm-dev" + # region = "global" + # key_ring = "vault-helm" + # crypto_key = "vault-init" + # } # extraVolumes is a list of extra volumes to mount. These will be exposed # to Vault in the path `/vault/userconfig//`. The value below is @@ -112,14 +113,15 @@ serverHA: address = "HOST_IP:8500" } - # The GKMS keys must already exist, and the cluster must have a service - # account that is authorized to access GCP KMS, and ass - seal "gcpckms" { - project = "vault-helm-dev" - region = "global" - key_ring = "vault-helm" - crypto_key = "vault-init" - } + # Example configuration for using auto-unseal, using Google Cloud KMS. The + # GKMS keys must already exist, and the cluster must have a service account + # that is authorized to access GCP KMS. + # seal "gcpckms" { + # project = "vault-helm-dev" + # region = "global" + # key_ring = "vault-helm" + # crypto_key = "vault-init" + # } # extraVolumes is a list of extra volumes to mount. These will be exposed # to Vault in the path `/vault/userconfig//`. The value below is