You are looking at the documentation of a prior release. To read the documentation of the latest release, please
visit here.
Install KubeVault Enterprise Edition
KubeVault comes in 2 editions: Community Edition
and Enterprise Edition
. Community Edition
only manages KubeVault custom resources in the default
Kubernetes namespace. Enterprise Edition
can be used to manage KubeVault custom resources in any Kubernetes namespace. A full features comparison between the KubeVault Community edition and Enterprise edition can be found here.
If you are willing to try KubeVault Enterprise Edition, you can grab a 30 days trial license from here.
Get a Trial License
In this section, we are going to show you how you can get a 30 days trial license for KubeVault Enterprise edition. You can get a license for your Kubernetes cluster by going through the following steps:
- At first, go to AppsCode License Server and fill up the form. It will ask for your Name, Email, the product you want to install, and your cluster ID (UID of the
kube-system
namespace). - Provide your name and email address. You must provide your work email address.
- Then, select
KubeVault Enterprise Edition
in the product field. - Now, provide your cluster ID. You can get your cluster ID easily by running the following command:
kubectl get ns kube-system -o=jsonpath='{.metadata.uid}'
- Then, you have to agree with the terms and conditions. We recommend reading it before checking the box.
- Now, you can submit the form. After you submit the form, the AppsCode License server will send an email to the provided email address with a link to your license file.
- Navigate to the provided link and save the license into a file. Here, we save the license to a
license.txt
file.
Here is a screenshot of the license form.
You can create licenses for as many clusters as you want. You can upgrade your license any time without re-installing KubeVault by following the upgrading guide from here.
KubeVault licensing process has been designed to work with CI/CD workflow. You can automatically obtain a license from your CI/CD pipeline by following the guide from here.
Get an Enterprise License
If you are interested in purchasing Enterprise license, please contact us via [email protected] for further discussion. You can also set up a meeting via our calendly link.
If you are willing to purchasing Enterprise license but need more time to test in your dev cluster, feel free to contact [email protected]. We will be happy to extend your trial period.
Install
To activate the Enterprise features, you need to install both KubeVault Community operator and Enterprise operator chart. These operators can be installed as a Helm chart or simply as Kubernetes manifests. If you have already installed the Community operator, only install the Enterprise operator (step 4 in the following secttion).
Using Helm 3
KubeVault can be installed via Helm using the chart from AppsCode Charts Repository. To install, follow the steps below:
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm search repo appscode/kubevault
NAME CHART VERSION APP VERSION DESCRIPTION
appscode/kubevault v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault Custom Resource Definitions
appscode/kubevault-operator v0.9.0-rc.0 v0.9.0-rc.0 KubeVault Operator by AppsCode - HashiCorp Vaul...
# Install KubeVault Enterprise operator chart
$ helm install kubevault appscode/kubevault \
--version v2022.09.05-rc.0 \
--namespace kubevault --create-namespace \
--set-file global.license=/path/to/the/license.txt
To see the detailed configuration options, visit here.
Using YAML
If you prefer to not use Helm, you can generate YAMLs from KubeVault chart and deploy using kubectl
. Here we are going to show the procedure using Helm 3.
$ helm repo add appscode https://charts.appscode.com/stable/
$ helm repo update
$ helm search repo appscode/kubevault
NAME CHART VERSION APP VERSION DESCRIPTION
appscode/kubevault v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault by AppsCode - HashiCorp Vault operato...
appscode/kubevault-catalog v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault Catalog by AppsCode - Catalog for Kub...
appscode/kubevault-crds v2022.09.05-rc.0 v2022.09.05-rc.0 KubeVault Custom Resource Definitions
appscode/kubevault-operator v0.9.0-rc.0 v0.9.0-rc.0 KubeVault Operator by AppsCode - HashiCorp Vaul...
# Install KubeVault Enterprise operator chart
$ helm template kubevault appscode/kubevault \
--version v2022.09.05-rc.0 \
--namespace kubevault --create-namespace \
--set-file global.license=/path/to/the/license.txt \
--set global.skipCleaner=true | kubectl apply -f -
To see the detailed configuration options, visit here.
Verify installation
To check if KubeVault operator pods have started, run the following command:
$ watch kubectl get pods --all-namespaces -l "app.kubernetes.io/instance=kubevault"
NAMESPACE NAME READY STATUS RESTARTS AGE
kubevault kubevault-kubevault-operator-5d5cc4c7c9-mj5d5 1/1 Running 0 2m18s
Once the operator pod is running, you can cancel the above command by typing Ctrl+C
.
Now, to confirm CRD groups have been registered by the operator, run the following command:
$ kubectl get crd -l app.kubernetes.io/name=kubevault
Now, you are ready to create your first database using KubeVault.