Skip to content

Instantly share code, notes, and snippets.

@suryakencana007

suryakencana007/consul-vault.md

Created February 1, 2022 14:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save suryakencana007/a171062aa812a2188609d4e2846ab4b4 to your computer and use it in GitHub Desktop.
Save suryakencana007/a171062aa812a2188609d4e2846ab4b4 to your computer and use it in GitHub Desktop.
Download ZIP
kubernetes vault ha with consul
Raw
consul-vault.md

Secret

kubectl -n argocd get secret argocd-initial-admin-secret -o jsonpath="{.data.password}" -o go-template="{{.data.password | base64decode}}"

Unseal vault key

init and store unseal key and root token

kubectl exec argo-vault-0 -- vault operator init

unseal all vault pod with init unseal key

kubectl exec argo-vault-0 -- vault operator unseal <unseal_key_0>
kubectl exec argo-vault-1 -- vault operator unseal <unseal_key_0>
kubectl exec argo-vault-2 -- vault operator unseal <unseal_key_0>

kubectl exec argo-vault-0 -- vault operator unseal <unseal_key_1>
kubectl exec argo-vault-1 -- vault operator unseal <unseal_key_1>
kubectl exec argo-vault-2 -- vault operator unseal <unseal_key_1>

kubectl exec argo-vault-0 -- vault operator unseal <unseal_key_2>
kubectl exec argo-vault-1 -- vault operator unseal <unseal_key_2>
kubectl exec argo-vault-2 -- vault operator unseal <unseal_key_2>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment