Vault
- Canonical Telco
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/edge | 89 | 31 Jan 2024 | |
latest/edge | 9 | 27 Jan 2023 | |
1.16/stable | 280 | 04 Oct 2024 | |
1.16/candidate | 280 | 04 Oct 2024 | |
1.16/beta | 280 | 04 Oct 2024 | |
1.16/edge | 291 | 19 Nov 2024 | |
1.15/stable | 248 | 24 Jul 2024 | |
1.15/candidate | 248 | 24 Jul 2024 | |
1.15/beta | 248 | 24 Jul 2024 | |
1.15/edge | 248 | 10 Jul 2024 |
juju deploy vault-k8s --channel 1.16/candidate
Deploy Kubernetes operators easily with Juju, the Universal Operator Lifecycle Manager. Need a Kubernetes cluster? Install MicroK8s to create a full CNCF-certified Kubernetes system in under 60 seconds.
Platform:
Unseal a sealed unit
In the circumstance that a Vault unit restarts, you will have to manually unseal it. This guide walks you through the necessary steps:
Starting from a cluster where one unit is sealed:
$ juju status
Model Controller Cloud/Region Version SLA Timestamp
demo microk8s-localhost microk8s/localhost 3.4.0 unsupported 13:02:12-04:00
App Version Status Scale Charm Channel Rev Address Exposed Message
vault waiting 3 vault-k8s 1.15/beta 198 10.152.183.208 no installing agent
Unit Workload Agent Address Ports Message
vault/0* active idle 10.1.182.38
vault/1 active idle 10.1.182.51
vault/2 blocked idle 10.1.182.15 Please unseal Vault
Set the VAULT_ADDR
variable to the sealed unit:
export VAULT_ADDR=https://$(juju status vault/2 --format=yaml | yq '.applications.vault.units.vault/2.address'):8200; echo $VAULT_ADDR
Unseal the the unit using the same unseal keys as received during the initialization of the Vault leader:
vault operator unseal -tls-skip-verify EJoB62t286mjUpSQYZg3mOla3lz/bbElVL5OLnj+rpE=
The units will go back to the active/idle state:
$ juju status
Model Controller Cloud/Region Version SLA Timestamp
demo microk8s-localhost microk8s/localhost 3.4.0 unsupported 13:03:26-04:00
App Version Status Scale Charm Channel Rev Address Exposed Message
vault active 3 vault-k8s 1.15/beta 198 10.152.183.208 no
Unit Workload Agent Address Ports Message
vault/0* active idle 10.1.182.38
vault/1 active idle 10.1.182.51
vault/2 active idle 10.1.182.15