Install KubeVault Enterprise Edition

KubeVault comes in 2 editions: Community Edition and Enterprise Edition. Community Edition only manages KubeVault custom resources in the default Kubernetes namespace. Enterprise Edition can be used to manage KubeVault custom resources in any Kubernetes namespace. A full features comparison between the KubeVault Community edition and Enterprise edition can be found here.

If you are willing to try KubeVault Enterprise Edition, you can grab a 30 days trial license from here.

Get a Trial License

In this section, we are going to show you how you can get a 30 days trial license for KubeVault Enterprise edition. You can get a license for your Kubernetes cluster by going through the following steps:

  • At first, go to AppsCode License Server and fill up the form. It will ask for your Name, Email, the product you want to install, and your cluster ID (UID of the kube-system namespace).
  • Provide your name and email address. You must provide your work email address.
  • Then, select KubeVault Enterprise Edition in the product field.
  • Now, provide your cluster ID. You can get your cluster ID easily by running the following command:
kubectl get ns kube-system -o=jsonpath='{.metadata.uid}'
  • Then, you have to agree with the terms and conditions. We recommend reading it before checking the box.
  • Now, you can submit the form. After you submit the form, the AppsCode License server will send an email to the provided email address with a link to your license file.
  • Navigate to the provided link and save the license into a file. Here, we save the license to a license.txt file.

Here is a screenshot of the license form.

KubeVault Backend Overview
Fig: KubeVault License Form

You can create licenses for as many clusters as you want. You can upgrade your license any time without re-installing KubeVault by following the upgrading guide from here.

KubeVault licensing process has been designed to work with CI/CD workflow. You can automatically obtain a license from your CI/CD pipeline by following the guide from here.

Get an Enterprise License

If you are interested in purchasing Enterprise license, please contact us via [email protected] for further discussion. You can also set up a meeting via our calendly link.

If you are willing to purchasing Enterprise license but need more time to test in your dev cluster, feel free to contact [email protected]. We will be happy to extend your trial period.

Install

To activate the Enterprise features, you need to install both KubeVault Community operator and Enterprise operator chart. These operators can be installed as a Helm chart or simply as Kubernetes manifests. If you have already installed the Community operator, only install the Enterprise operator (step 4 in the following secttion).

Using Helm 3

KubeVault can be installed via Helm using the chart from AppsCode Charts Repository. To install, follow the steps below:

$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update

$ helm search repo appscode/kubevault
NAME                        CHART VERSION APP VERSION DESCRIPTION                                       
appscode/kubevault          v2021.10.11   v2021.10.11 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog  v2021.10.11   v2021.10.11 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds     v2021.10.11   v2021.10.11 KubeVault Custom Resource Definitions             
appscode/kubevault-operator v0.5.1        v0.5.1      KubeVault Operator by AppsCode - HashiCorp Vaul...

# Install KubeVault Enterprise operator chart
$ helm install kubevault appscode/kubevault \
    --version v2021.10.11 \
    --namespace kubevault --create-namespace \
    --set-file global.license=/path/to/the/license.txt

To see the detailed configuration options, visit here.

Using YAML

If you prefer to not use Helm, you can generate YAMLs from KubeVault chart and deploy using kubectl. Here we are going to show the procedure using Helm 3.

$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update

$ helm search repo appscode/kubevault
NAME                        CHART VERSION APP VERSION DESCRIPTION                                       
appscode/kubevault          v2021.10.11   v2021.10.11 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog  v2021.10.11   v2021.10.11 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds     v2021.10.11   v2021.10.11 KubeVault Custom Resource Definitions             
appscode/kubevault-operator v0.5.1        v0.5.1      KubeVault Operator by AppsCode - HashiCorp Vaul...

# Install KubeVault Enterprise operator chart
$ helm template kubevault appscode/kubevault \
    --version v2021.10.11 \
    --namespace kubevault --create-namespace \
    --set-file global.license=/path/to/the/license.txt \
    --set global.skipCleaner=true | kubectl apply -f -

To see the detailed configuration options, visit here.

Verify installation

To check if KubeVault operator pods have started, run the following command:

$ watch kubectl get pods --all-namespaces -l "app.kubernetes.io/instance=kubevault"

NAMESPACE   NAME                                            READY   STATUS    RESTARTS   AGE
kubevault   kubevault-kubevault-operator-5d5cc4c7c9-mj5d5   1/1     Running   0          2m18s

Once the operator pod is running, you can cancel the above command by typing Ctrl+C.

Now, to confirm CRD groups have been registered by the operator, run the following command:

$ kubectl get crd -l app.kubernetes.io/name=kubevault

Now, you are ready to create your first database using KubeVault.