update OpenBao to v2.0.2
Signed-off-by: Jan Martens <jan@martens.eu.org>
This commit is contained in:
Jan Martens
parent
a6d9d9f388
commit
3dd2dec9e3
3 changed files with 29 additions and 22 deletions
|
|
@ -1,6 +1,6 @@
|
||||||
# openbao
|
# openbao
|
||||||
|
|
||||||
 
|
 
|
||||||
|
|
||||||
Official OpenBao Chart
|
Official OpenBao Chart
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,13 +14,13 @@ injector:
|
||||||
agentImage:
|
agentImage:
|
||||||
registry: "quay.io"
|
registry: "quay.io"
|
||||||
repository: "openbao/openbao"
|
repository: "openbao/openbao"
|
||||||
tag: "v2.0.1-ubi"
|
tag: "v2.0.2-ubi"
|
||||||
|
|
||||||
server:
|
server:
|
||||||
image:
|
image:
|
||||||
registry: "quay.io"
|
registry: "quay.io"
|
||||||
repository: "openbao/openbao"
|
repository: "openbao/openbao"
|
||||||
tag: "v2.0.1-ubi"
|
tag: "v2.0.2-ubi"
|
||||||
|
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
path: "/v1/sys/health?uninitcode=204"
|
path: "/v1/sys/health?uninitcode=204"
|
||||||
|
|
|
||||||
|
|
@ -84,7 +84,7 @@ injector:
|
||||||
# -- image repo to use for agent image
|
# -- image repo to use for agent image
|
||||||
repository: "openbao/openbao"
|
repository: "openbao/openbao"
|
||||||
# -- image tag to use for agent image
|
# -- image tag to use for agent image
|
||||||
tag: "2.0.1"
|
tag: "2.0.2"
|
||||||
# -- image pull policy to use for agent image. if tag is "latest", set to "Always"
|
# -- image pull policy to use for agent image. if tag is "latest", set to "Always"
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
|
@ -288,7 +288,8 @@ injector:
|
||||||
|
|
||||||
# extraEnvironmentVars is a list of extra environment variables to set in the
|
# extraEnvironmentVars is a list of extra environment variables to set in the
|
||||||
# injector deployment.
|
# injector deployment.
|
||||||
extraEnvironmentVars: {}
|
extraEnvironmentVars:
|
||||||
|
{}
|
||||||
# KUBERNETES_SERVICE_HOST: kubernetes.default.svc
|
# KUBERNETES_SERVICE_HOST: kubernetes.default.svc
|
||||||
|
|
||||||
# Affinity Settings for injector pods
|
# Affinity Settings for injector pods
|
||||||
|
|
@ -379,7 +380,7 @@ server:
|
||||||
# -- image repo to use for server image
|
# -- image repo to use for server image
|
||||||
repository: "openbao/openbao"
|
repository: "openbao/openbao"
|
||||||
# -- image tag to use for server image
|
# -- image tag to use for server image
|
||||||
tag: "2.0.1"
|
tag: "2.0.2"
|
||||||
# -- image pull policy to use for server image. if tag is "latest", set to "Always"
|
# -- image pull policy to use for server image. if tag is "latest", set to "Always"
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
|
@ -410,9 +411,11 @@ server:
|
||||||
# In order to expose the service, use the route section below
|
# In order to expose the service, use the route section below
|
||||||
ingress:
|
ingress:
|
||||||
enabled: false
|
enabled: false
|
||||||
labels: {}
|
labels:
|
||||||
|
{}
|
||||||
# traffic: external
|
# traffic: external
|
||||||
annotations: {}
|
annotations:
|
||||||
|
{}
|
||||||
# |
|
# |
|
||||||
# kubernetes.io/ingress.class: nginx
|
# kubernetes.io/ingress.class: nginx
|
||||||
# kubernetes.io/tls-acme: "true"
|
# kubernetes.io/tls-acme: "true"
|
||||||
|
|
@ -480,7 +483,8 @@ server:
|
||||||
# -- extraInitContainers is a list of init containers. Specified as a YAML list.
|
# -- extraInitContainers is a list of init containers. Specified as a YAML list.
|
||||||
# This is useful if you need to run a script to provision TLS certificates or
|
# This is useful if you need to run a script to provision TLS certificates or
|
||||||
# write out configuration files in a dynamic way.
|
# write out configuration files in a dynamic way.
|
||||||
extraInitContainers: []
|
extraInitContainers:
|
||||||
|
[]
|
||||||
# # This example installs a plugin pulled from github into the /usr/local/libexec/vault/oauthapp folder,
|
# # This example installs a plugin pulled from github into the /usr/local/libexec/vault/oauthapp folder,
|
||||||
# # which is defined in the volumes value.
|
# # which is defined in the volumes value.
|
||||||
# - name: oauthapp
|
# - name: oauthapp
|
||||||
|
|
@ -508,7 +512,8 @@ server:
|
||||||
|
|
||||||
# -- extraPorts is a list of extra ports. Specified as a YAML list.
|
# -- extraPorts is a list of extra ports. Specified as a YAML list.
|
||||||
# This is useful if you need to add additional ports to the statefulset in dynamic way.
|
# This is useful if you need to add additional ports to the statefulset in dynamic way.
|
||||||
extraPorts: []
|
extraPorts:
|
||||||
|
[]
|
||||||
# - containerPort: 8300
|
# - containerPort: 8300
|
||||||
# name: http-monitoring
|
# name: http-monitoring
|
||||||
|
|
||||||
|
|
@ -570,14 +575,16 @@ server:
|
||||||
|
|
||||||
# extraEnvironmentVars is a list of extra environment variables to set with the stateful set. These could be
|
# extraEnvironmentVars is a list of extra environment variables to set with the stateful set. These could be
|
||||||
# used to include variables required for auto-unseal.
|
# used to include variables required for auto-unseal.
|
||||||
extraEnvironmentVars: {}
|
extraEnvironmentVars:
|
||||||
|
{}
|
||||||
# GOOGLE_REGION: global
|
# GOOGLE_REGION: global
|
||||||
# GOOGLE_PROJECT: myproject
|
# GOOGLE_PROJECT: myproject
|
||||||
# GOOGLE_APPLICATION_CREDENTIALS: /openbao/userconfig/myproject/myproject-creds.json
|
# GOOGLE_APPLICATION_CREDENTIALS: /openbao/userconfig/myproject/myproject-creds.json
|
||||||
|
|
||||||
# extraSecretEnvironmentVars is a list of extra environment variables to set with the stateful set.
|
# extraSecretEnvironmentVars is a list of extra environment variables to set with the stateful set.
|
||||||
# These variables take value from existing Secret objects.
|
# These variables take value from existing Secret objects.
|
||||||
extraSecretEnvironmentVars: []
|
extraSecretEnvironmentVars:
|
||||||
|
[]
|
||||||
# - envName: AWS_SECRET_ACCESS_KEY
|
# - envName: AWS_SECRET_ACCESS_KEY
|
||||||
# secretName: openbao
|
# secretName: openbao
|
||||||
# secretKey: AWS_SECRET_ACCESS_KEY
|
# secretKey: AWS_SECRET_ACCESS_KEY
|
||||||
|
|
@ -586,7 +593,8 @@ server:
|
||||||
# extraVolumes is a list of extra volumes to mount. These will be exposed
|
# extraVolumes is a list of extra volumes to mount. These will be exposed
|
||||||
# to OpenBao in the path `/openbao/userconfig/<name>/`. The value below is
|
# to OpenBao in the path `/openbao/userconfig/<name>/`. The value below is
|
||||||
# an array of objects, examples are shown below.
|
# an array of objects, examples are shown below.
|
||||||
extraVolumes: []
|
extraVolumes:
|
||||||
|
[]
|
||||||
# - type: secret (or "configMap")
|
# - type: secret (or "configMap")
|
||||||
# name: my-secret
|
# name: my-secret
|
||||||
# path: null # default is `/openbao/userconfig`
|
# path: null # default is `/openbao/userconfig`
|
||||||
|
|
@ -651,12 +659,12 @@ server:
|
||||||
# port: 443
|
# port: 443
|
||||||
ingress:
|
ingress:
|
||||||
- from:
|
- from:
|
||||||
- namespaceSelector: {}
|
- namespaceSelector: {}
|
||||||
ports:
|
ports:
|
||||||
- port: 8200
|
- port: 8200
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
- port: 8201
|
- port: 8201
|
||||||
protocol: TCP
|
protocol: TCP
|
||||||
|
|
||||||
# Priority class for server pods
|
# Priority class for server pods
|
||||||
priorityClassName: ""
|
priorityClassName: ""
|
||||||
|
|
@ -893,7 +901,6 @@ server:
|
||||||
# persistent volumes for OpenBao to store data according to the configuration under server.dataStorage.
|
# persistent volumes for OpenBao to store data according to the configuration under server.dataStorage.
|
||||||
# The OpenBao cluster will coordinate leader elections and failovers internally.
|
# The OpenBao cluster will coordinate leader elections and failovers internally.
|
||||||
raft:
|
raft:
|
||||||
|
|
||||||
# Enables Raft integrated storage
|
# Enables Raft integrated storage
|
||||||
enabled: false
|
enabled: false
|
||||||
# Set the Node Raft ID to the name of the pod
|
# Set the Node Raft ID to the name of the pod
|
||||||
|
|
@ -968,8 +975,8 @@ server:
|
||||||
disruptionBudget:
|
disruptionBudget:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
# maxUnavailable will default to (n/2)-1 where n is the number of
|
# maxUnavailable will default to (n/2)-1 where n is the number of
|
||||||
# replicas. If you'd like a custom value, you can specify an override here.
|
# replicas. If you'd like a custom value, you can specify an override here.
|
||||||
maxUnavailable: null
|
maxUnavailable: null
|
||||||
|
|
||||||
# Definition of the serviceAccount used to run Vault.
|
# Definition of the serviceAccount used to run Vault.
|
||||||
|
|
@ -1183,7 +1190,7 @@ csi:
|
||||||
# -- image repo to use for agent image
|
# -- image repo to use for agent image
|
||||||
repository: "openbao/openbao"
|
repository: "openbao/openbao"
|
||||||
# -- image tag to use for agent image
|
# -- image tag to use for agent image
|
||||||
tag: "2.0.1"
|
tag: "2.0.2"
|
||||||
# -- image pull policy to use for agent image. if tag is "latest", set to "Always"
|
# -- image pull policy to use for agent image. if tag is "latest", set to "Always"
|
||||||
pullPolicy: IfNotPresent
|
pullPolicy: IfNotPresent
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue