You are looking at the documentation of a prior release. To read the documentation of the latest release, please
visit here.
Install KubeVault Community Edition
KubeVault comes in 2 editions: Community Edition
and Enterprise Edition
. Community Edition
only manages KubeVault custom resources in the default
Kubernetes namespace. Enterprise Edition
can be used to manage KubeVault custom resources in any Kubernetes namespace. A full features comparison between the KubeVault Community edition and Enterprise edition can be found here.
To use the KubeVault Community edition, you can grab 1 year free license from here. After that, you can issue another license for one more year. Typically we release a new version of the operator at least quarterly. So, you can just grab a new license every time you upgrade the operator.
Get a License
In this section, we are going to show you how you can get a 1 year free license for the KubeVault Community edition. You can get a license for your Kubernetes cluster by going through the following steps:
At first, go to AppsCode License Server and fill-up the form. It will ask for your Name, Email, the product you want to install, and your cluster ID (UID of the
kube-system
namespace).Provide your name and email address. You can provide your personal or work email address.
Then, select
KubeVault Community Edition
in the product field.Now, provide your cluster-ID. You can get your cluster ID easily by running the following command:
$ kubectl get ns kube-system -o=jsonpath='{.metadata.uid}'
Then, you have to agree with the terms and conditions. We recommend reading it before checking the box.
Now, you can submit the form. After you submit the form, the AppsCode License server will send an email to the provided email address with a link to your license file.
Navigate to the provided link and save the license into a file. Here, we save the license to a
license.txt
file.
Here is a screenshot of the license form.
You can create licenses for as many clusters as you want. You can upgrade your license any time without re-installing KubeVault by following the upgrading guide from here.
KubeVault licensing process has been designed to work with CI/CD workflow. You can automatically obtain a license from your CI/CD pipeline by following the guide from here.
Install
KubeVault operator can be installed as a Helm chart or simply as Kubernetes manifests.
Using Helm 3
KubeVault can be installed via Helm using the chart from AppsCode Charts Repository. To install, follow the steps below:
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm search repo appscode/kubevault
NAME CHART VERSION APP VERSION DESCRIPTION
appscode/kubevault v2022.06.16 v2022.06.16 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog v2022.06.16 v2022.06.16 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds v2022.06.16 v2022.06.16 KubeVault Custom Resource Definitions
appscode/kubevault-operator v0.8.0 v0.8.0 KubeVault Operator by AppsCode - HashiCorp Vaul...
# Install KubeVault Community operator chart
$ helm install kubevault appscode/kubevault \
--version v2022.06.16 \
--namespace kubevault --create-namespace \
--set-file global.license=/path/to/the/license.txt
To see the detailed configuration options, visit here.
Using YAML
If you prefer to not use Helm, you can generate YAMLs from KubeVault chart and deploy using kubectl
. Here we are going to show the prodecure using Helm 3.
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm search repo appscode/kubevault
NAME CHART VERSION APP VERSION DESCRIPTION
appscode/kubevault v2022.06.16 v2022.06.16 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog v2022.06.16 v2022.06.16 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds v2022.06.16 v2022.06.16 KubeVault Custom Resource Definitions
appscode/kubevault-operator v0.8.0 v0.8.0 KubeVault Operator by AppsCode - HashiCorp Vaul...
# Install KubeVault Community operator chart
$ helm template kubevault appscode/kubevault \
--version v2022.06.16 \
--namespace kubevault --create-namespace \
--set-file global.license=/path/to/the/license.txt \
--set global.skipCleaner=true | kubectl apply -f -
To see the detailed configuration options, visit here.
Verify installation
To check if KubeVault operator pods have started, run the following command:
$ watch kubectl get pods --all-namespaces -l "app.kubernetes.io/instance=kubevault"
NAMESPACE NAME READY STATUS RESTARTS AGE
kubevault kubevault-kubevault-operator-5d5cc4c7c9-mj5d5 1/1 Running 0 2m18s
Once the operator pod is running, you can cancel the above command by typing Ctrl+C
.
Now, to confirm CRD groups have been registered by the operator, run the following command:
$ kubectl get crd -l app.kubernetes.io/name=kubevault
Now, you are ready to create your first database using KubeVault.