使用terraform运行的Vault Helm chart不会在kubernetes上创建入口

x8goxv8g 于 2023-08-03 发布在 Kubernetes

关注(0)|答案(1)|浏览(79)

我正在尝试通过从Terraform运行Vault Helm图表来在Kubernetes集群上安装Vault。出于某种原因，入口没有被创建。当我转发pod端口时，ui显示正常，所以我假设一切都正常，但入口不可用让我感到困惑。编辑：运行terraform apply时没有错误。如果还有什么地方我应该看，请告诉我。这是我的helm_release资源：

name       = "vault"
  repository = "https://helm.releases.hashicorp.com"
  chart      = "vault"

  namespace        = "vault"
  create_namespace = true

  set {
    name  = "ui.enabled"
    value = "true"
  }

  #Set ingress up to use cert-manager provided secret
  set {
    name  = "ingress.enabled"
    value = "true"
  }

  set {
    name  = "ingress.annotations.cert-manager\\.io/cluster-issuer"
    value = "letsencrypt-cluster-prod"
  }

  set {
    name  = "ingress.annotations.kubernetes\\.io/ingress\\.class"
    value = "nginx"
  }

  set {
    name  = "ingress.tls[0].hosts[0]"
    value = var.vault_hostname
  }

  set {
    name  = "ingress.hosts[0].host"
    value = var.vault_hostname
  }

  set {
    name  = "ingress.hosts[0].paths[0]"
    value = "/"
  }
}

字符串
我对所有这些技术都相对较新，以前曾与 puppet 合作过，所以如果有人能为我指出正确的方向，我会非常感激。

kubernetes

来源：https://stackoverflow.com/questions/73231940/vault-helm-chart-run-with-terraform-does-not-create-an-ingress-on-kubernetes

1条答案

按热度按时间

ulydmbyx1#

我实现了用一个局部变量启用ingress，下面是工作示例

locals {
  values = {
    server = {
      ingress = {
        enabled = var.server_enabled
        labels = {
          traffic = "external"
        }
        ingressClassName = "nginx"
        annotations = {
          "kubernetes.io/tls-acme"                   = "true"
          "nginx.ingress.kubernetes.io/ssl-redirect" = "true"
        }
        hosts = [{
          host  = vault.example.com
          paths = ["/"]
        }]
        tls = [
          {
            secretName = vault-tls-secret
            hosts      = ["vault.example.com"]
          }
        ]
      }
    }
  }
}

resource "helm_release" "vault" {
  name             = "vault"
  namespace        = "vault"
  repository       = "https://helm.releases.hashicorp.com"
  chart            = "vault"
  version          = "0.19.0"
  create_namespace = true

  # other values to set
  #set { 
  #  name = "server.ha.enabled"
  #  value = "true"
  #}

  values = [
    yamlencode(local.values)
  ]
}

字符串

赞(0）回复(0）举报 2023-08-03

我来回答

使用terraform运行的Vault Helm chart不会在kubernetes上创建入口

1条答案

相关问题

热门标签

最新问答