chore: Update manifests after change
This commit is contained in:
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-config-configmap.yaml
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/unseal/templates/common.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/unseal/templates/common.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/external-secret.yaml
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/http-route.yaml
|
||||
apiVersion: gateway.networking.k8s.io/v1
|
||||
kind: HTTPRoute
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/ingress.yaml
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/templates/persistent-volume-claim.yaml
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/tests/server-test.yaml
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
|
||||
@@ -1,7 +1,3 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-disruptionbudget.yaml
|
||||
# PodDisruptionBudget to prevent degrading the server cluster through
|
||||
# voluntary cluster changes.
|
||||
apiVersion: policy/v1
|
||||
kind: PodDisruptionBudget
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/prometheus-prometheusrules.yaml
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: PrometheusRule
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-discovery-role.yaml
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-discovery-rolebinding.yaml
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-ha-active-service.yaml
|
||||
# Service for active Vault pod
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-headless-service.yaml
|
||||
# Service for Vault cluster
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/ui-service.yaml
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-service.yaml
|
||||
# Service for Vault cluster
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
@@ -14,8 +12,6 @@ metadata:
|
||||
annotations:
|
||||
spec:
|
||||
type: ClusterIP
|
||||
# We want the servers to become available even if they're not ready
|
||||
# since this DNS is also used for join operations.
|
||||
publishNotReadyAddresses: true
|
||||
ports:
|
||||
- name: http
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-serviceaccount.yaml
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/prometheus-servicemonitor.yaml
|
||||
apiVersion: monitoring.coreos.com/v1
|
||||
kind: ServiceMonitor
|
||||
metadata:
|
||||
|
||||
@@ -1,6 +1,4 @@
|
||||
---
|
||||
# Source: vault/charts/vault/templates/server-statefulset.yaml
|
||||
# StatefulSet to run the actual vault server cluster.
|
||||
apiVersion: apps/v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
@@ -126,11 +124,6 @@ spec:
|
||||
- containerPort: 8202
|
||||
name: http-rep
|
||||
readinessProbe:
|
||||
# Check status; unsealed vault servers return 0
|
||||
# The exit code reflects the seal status:
|
||||
# 0 - unsealed
|
||||
# 1 - error
|
||||
# 2 - sealed
|
||||
exec:
|
||||
command: ["/bin/sh", "-ec", "vault status -tls-skip-verify"]
|
||||
failureThreshold: 2
|
||||
@@ -139,18 +132,11 @@ spec:
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 3
|
||||
lifecycle:
|
||||
# Vault container doesn't receive SIGTERM from Kubernetes
|
||||
# and after the grace period ends, Kube sends SIGKILL. This
|
||||
# causes issues with graceful shutdowns such as deregistering itself
|
||||
# from Consul (zombie services).
|
||||
preStop:
|
||||
exec:
|
||||
command:
|
||||
- "/bin/sh"
|
||||
- "-c"
|
||||
# Adding a sleep here to give the pod eviction a
|
||||
# chance to propagate, so requests will not be made
|
||||
# to this pod while it's terminating
|
||||
- "sleep 5 && kill -SIGTERM $(pidof vault)"
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
|
||||
Reference in New Issue
Block a user