Company
Date Published
Author
Justin Weissig
Word count
957
Language
English
Hacker News points
None

Summary

HashiCorp Vault is used together with Kubernetes to securely introduce secrets into applications. The most common integration method is a sidecar agent that injects static and dynamic secrets from Vault into Kubernetes pods. Another integration method is the Kubernetes auth engine, which allows authentication with Vault using a Kubernetes service account token. Additionally, there are integrations such as the Helm chart, which provides a production-ready way to get up and running quickly, and the Kubernetes secrets engine, which dynamically generates Kubernetes service account tokens, service accounts, role bindings, and roles. The company is also considering an operator approach to enhance the vault-k8s integration, which would provide a better developer experience and a more native Kubernetes experience.