...

  1. Add the HashiCorp Helm repository.

    helm repo add hashicorp https://helm.releases.hashicorp.com
  2. Update all the repositories to ensure Helm is aware of the latest versions.

    helm repo update hashicorp
  3. Install the latest version of the HashiCorp Vault server running in development mode.
    Development mode: A HashiCorp Vault server running in development mode is automatically initialized and unsealed. This is ideal in a learning environment but NOT recommended for a production environment.

    helm install vault hashicorp/vault --set "server.dev.enabled=true"

    The Vault pod and the Vault Agent Injector pod are deployed in the default namespace.

  4. Display all the pods in the default namespace.

    $ kubectl get pods

    NAME                                    READY   STATUS    RESTARTS   AGE
    vault-0                                 1/1     Running   0          80s
    vault-agent-injector-5945fb98b5-tpglz   1/1     Running   0          80s

    The vault-0 pod runs a Vault server in development mode. The vault-agent-injector pod performs the injection based on the annotations present or patched on a deployment.

  5. Wait until the vault-0 pod and vault-agent-injector pod are running and ready (1/1).

...

  1. Copy the HiveMQ license file (hivemq.lic) to the vault-0 pod.

    $ kubectl cp hivemq.lic pod/vault-0:/tmp/
  2. Verify that the file is copied.

    $ kubectl exec -it vault-0 -- ls /tmp

    hivemq.lic
  3. Start an interactive shell session on the vault-0 pod.

    $ kubectl exec -it vault-0 -- /bin/sh

    / $

    Your system prompt is replaced with a new prompt / $. Commands issued at this prompt are executed on the vault-0 container.

  4. Enable kv-v2 secrets at the path hivemq.

    $ vault secrets enable -path=hivemq kv-v2

    Success! Enabled the kv-v2 secrets engine at: hivemq/
  5. Create a secret at the path hivemq/myenv/license with a hivemq_license_b64 key whose value is the base64-encoded /tmp/hivemq.lic file.

    $ cd /tmp
    $ vault kv put hivemq/myenv/license hivemq_license_b64="$(base64 -w 0 hivemq.lic)"

    ====== Secret Path ======
    hivemq/data/myenv/license
    
    ======= Metadata =======
    Key                Value
    ---                -----
    created_time       2024-02-21T17:34:39.261249639Z
    custom_metadata    <nil>
    deletion_time      n/a
    destroyed          false
    version            1
  6. Verify that the secret is defined at the path hivemq/myenv/license.

    $ vault kv get hivemq/myenv/license

    ====== Secret Path ======
    hivemq/data/myenv/license
    
    ======= Metadata =======
    Key                Value
    ---                -----
    created_time       2024-02-21T14:57:01.446984026Z
    custom_metadata    <nil>
    deletion_time      n/a
    destroyed          false
    version            1
    
    ========= Data =========
    Key                 Value
    ---                 -----
    hivemq_license_b64  SCFNUSRbM10.......
    

    The secret is ready for the application.

  7. Lastly, exit the vault-0 pod.

    $ exit
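
A variant of the check in step 6 that compares the stored value with /tmp/hivemq.lic byte for byte without printing the license to the terminal, meant to be run in the vault-0 shell before exiting. This is an added example, not part of the original page; the function names and the script name check.sh are hypothetical.

```bash
#!/bin/sh
# Added example: confirm that hivemq_license_b64 in Vault decodes to exactly
# the bytes of the local license file, without echoing the secret.
# Function names are hypothetical; path and key come from the steps above.

# license_matches FILE B64VALUE
# Returns 0 = identical, 1 = different, 2 = file missing/empty, 3 = invalid base64.
license_matches() {
    lm_file=$1
    lm_b64=$2
    [ -s "$lm_file" ] || return 2
    lm_tmp=$(mktemp) || return 2          # mktemp creates the file with mode 0600
    if printf '%s' "$lm_b64" | base64 -d > "$lm_tmp" 2>/dev/null; then
        if cmp -s "$lm_file" "$lm_tmp"; then lm_rc=0; else lm_rc=1; fi
    else
        lm_rc=3
    fi
    rm -f "$lm_tmp"                       # do not leave the decoded license behind
    return "$lm_rc"
}

# verify_stored_license FILE
# Reads only the one field from Vault (-field prints the bare value).
verify_stored_license() {
    vs_value=$(vault kv get -field=hivemq_license_b64 hivemq/myenv/license) || {
        echo "ERROR: cannot read hivemq/myenv/license" >&2
        return 4
    }
    vs_rc=0
    license_matches "$1" "$vs_value" || vs_rc=$?
    case "$vs_rc" in
        0) echo "OK: stored license matches $1" ;;
        1) echo "MISMATCH: stored license differs from $1" >&2 ;;
        2) echo "ERROR: $1 is missing or empty" >&2 ;;
        3) echo "ERROR: stored value is not valid base64" >&2 ;;
    esac
    return "$vs_rc"
}

# Usage in the vault-0 shell: sh check.sh verify /tmp/hivemq.lic
if [ "${1:-}" = "verify" ]; then
    verify_stored_license "${2:-/tmp/hivemq.lic}"
fi
```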

Configure Kubernetes authentication

...