kubernetes-vault - Use Vault to store secrets for Kubernetes!

  •        106

The Kubernetes-Vault project allows pods to automatically receive a Vault token using Vault's AppRole auth backend.To run Kubernetes-Vault on your cluster, follow the quick start guide.

https://github.com/Boostport/kubernetes-vault

Tags
Implementation
License
Platform

   




Related Projects

vault-on-gke - Run @HashiCorp Vault on Google Kubernetes Engine (GKE) with Terraform

  •    HCL

This tutorial walks through provisioning a highly-available HashiCorp Vault cluster on Google Kubernetes Engine using HashiCorp Terraform as the provisioning tool. This tutorial is based on Kelsey Hightower's Vault on Google Kubernetes Engine, but focuses on codifying the steps in Terraform instead of teaching you them individually. If you would like to know how to provision HashiCorp Vault on Kuberenetes step-by-step (aka "the hard way"), please follow Kelsey's repository instead.

vault-operator - Run and manage Vault on Kubernetes simply and securely

  •    Go

The basic features have been completed, and while no breaking API changes are currently planned, the API can change in a backwards incompatible way before the project is declared stable. The Vault operator deploys and manages Vault clusters on Kubernetes. Vault instances created by the Vault operator are highly available and support automatic failover and upgrade.

vault-controller - Automate the creation of unique Vault tokens for Kubernetes Pods using init containers

  •    Go

The Vault Controller automates the creation of Vault tokens for Kubernetes Pods. This repo includes a set of hands-on tutorials and example programs you can use to try out the Vault Controller.This is a prototype. Do not use this in production.

isopod - An expressive DSL and framework for Kubernetes configuration without YAML

  •    Go

Isopod is an expressive DSL framework for Kubernetes configuration. Without intermediate YAML artifacts, Isopod renders Kubernetes objects as Protocol Buffers, so they are strongly typed and consumed directly by the Kubernetes API. With Isopod, configurations are scripted in Starlark, a Python dialect by Google also used by Bazel and Buck build systems. Isopod offers runtime built-ins to access services and utilities such as Vault secret management, Kubernetes apiserver, HTTP requester, Base64 encoder, and UUID generator, etc. Isopod uses separate runtime for unit tests to mock all built-ins, providing the test coverage not possible before.


secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume

  •    Go

Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a Container Storage Interface (CSI) volume. The Secrets Store CSI driver secrets-store.csi.k8s.io allows Kubernetes to mount multiple secrets, keys, and certs stored in enterprise-grade external secrets stores into their pods as a volume. Once the Volume is attached, the data in it is mounted into the container's file system.

cert-manager - Automatically provision and manage TLS certificates in Kubernetes

  •    Go

cert-manager is a Kubernetes add-on to automate the management and issuance of TLS certificates from various issuing sources. It will ensure certificates are valid and up to date periodically, and attempt to renew certificates at an appropriate time before expiry.

daytona - a vault client, but for containers and servers.

  •    Go

This is intended to be a lighter, alternative, implementation of the Vault client CLI primarily for services and containers. Its core features are the ability to automate authentication, fetching of secrets, and automated token renewal. Instead, a single binary can be used to accomplish most of these goals.

kubespray - Deploy a Production Ready Kubernetes Cluster

  •    Python

probably pointing on a task depending on a module present in requirements.txt (i.e. "unseal vault"). One way of solving this would be to uninstall the Ansible package and then, to install it via pip but it is not always possible. A workaround consists of setting ANSIBLE_LIBRARY and ANSIBLE_MODULE_UTILS environment variables respectively to the ansible/modules and ansible/module_utils subdirectories of pip packages installation location, which can be found in the Location field of the output of pip show [package] before executing ansible-playbook.

ansible-vault - :key: Ansible role for Hashicorp Vault

  •    Jinja

This Ansible role performs a basic Vault installation, including filesystem structure and example configuration. It can also bootstrap a minimal development or evaluation server or HA Consul-backed cluster in a Vagrant and VirtualBox based environment. See README_VAGRANT.md and the associated Vagrantfile for more details about the developer mode setup.

serverless-vault-with-cloud-run - Guide to running Vault on Cloud Run

  •    Shell

This tutorial walks you through deploying Hashicorp's Vault on Cloud Run, Google Cloud's container based Serverless compute platform. Vault is a tool for encrypting data, managing secrets, and auditing access to them. Vault should be deployed to a secure and highly available environment to ensure applications have reliable access to secrets and credentials. Vault can leverage managed services such as Cloud KMS and Google Cloud Storage to protect and store its data, and Cloud Run to serve it and capture audit logs.

hvac - :lock: Python 2/3 client for HashiCorp Vault

  •    Python

Tested against Vault v0.1.2 and HEAD. Requires v0.1.2 or later.if you would like to be able to return parsed HCL data as a Python dict for methods that support it.

vault-ui - Vault-UI — A beautiful UI to manage your Vault, written in React

  •    Javascript

Docker images are automatically built using an automated build on Docker Hub. We encourage that versioned images are used for production. By default, connection and authentication parameters must be configured by clicking on the configuration cog on the login page. Using environment variables (via docker), an administrator can pre-configure those parameters.

konfig - Composable, observable and performant config handling for Go for the distributed processing era

  •    Go

Composable, observable and performant config handling for Go. Written for larger distributed systems where you may have plenty of configuration sources - it allows you to compose configurations from multiple sources with reload hooks making it simple to build apps that live in a highly dynamic environment. The name is Swedish for "config". We have a lot of nationalities here at Lalamove and to celebrate cultural diversity most of our open source packages will carry a name derived from a non-English language that is perhaps spoken by at least one of our employees(?).

envconsul - Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault

  •    Go

Envconsul provides a convenient way to launch a subprocess with environment variables populated from HashiCorp Consul and Vault. The tool is inspired by envdir and envchain, but works on many major operating systems with no runtime requirements. It is also available via a Docker container for scheduled environments.Envconsul supports 12-factor applications which get their configuration via the environment. Environment variables are dynamically populated from Consul or Vault, but the application is unaware; applications just read environment variables. This enables extreme flexibility and portability for applications across systems.

Vault - A tool for managing secrets

  •    Go

Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM, SQL databases, raw key/value, and more.

Vault - Vault of common API's for Bukkit Plugins

  •    Java

Vault is a Permissions & Economy API to allow plugins to more easily hook into these systems without needing to hook each individual system themselves. Vault currently supports the following: Permissions 3, PEX, GroupManager, bPerms, bPerms2, SimplyPerms, DroxPerms, zPermissions, rscPermissions, KPerms, Starburst, iConomy (4/5/6) BOSEconomy *6/7), EssentialsEcon, 3Co, MultiConomy, MineConomy, EconXP, eWallet, CurrencyCore, XPBank, CraftConomy, AEco, SDFEconomy, TAEcon, and OverPermissions

Kops - The easiest way to get a production grade Kubernetes cluster up and running

  •    Go

The easiest way to get a production grade Kubernetes cluster up and running. It helps you create, destroy, upgrade and maintain production-grade, highly available, Kubernetes clusters from the command line. AWS (Amazon Web Services) is currently officially supported, with GCE and VMware vSphere in alpha and other platforms planned.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.