54 lines
1.3 KiB
YAML
54 lines
1.3 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
namespace: vault
|
|
name: vault
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: vault
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: vault
|
|
spec:
|
|
containers:
|
|
- env:
|
|
- name: VAULT_ADDR
|
|
value: "http://127.0.0.1:8200"
|
|
- name: VAULT_LOCAL_CONFIG
|
|
value: |
|
|
storage "file" {
|
|
path = "/vault/file"
|
|
}
|
|
|
|
listener "tcp" {
|
|
address = "0.0.0.0:8200"
|
|
tls_disable = 1
|
|
}
|
|
|
|
api_addr = "https://vault.strudelline.net"
|
|
ui = true
|
|
|
|
disable_mlock = true # k8s can't swap anyway
|
|
image: hashicorp/vault:1.13.1
|
|
args:
|
|
- server
|
|
name: vault
|
|
volumeMounts:
|
|
- mountPath: /vault/logs
|
|
name: vault-logs
|
|
- mountPath: /vault/file
|
|
name: vault-file
|
|
restartPolicy: Always
|
|
volumes:
|
|
- name: vault-file
|
|
persistentVolumeClaim:
|
|
claimName: vault-file
|
|
- name: vault-logs
|
|
persistentVolumeClaim:
|
|
claimName: vault-logs
|