CAUTION:

The Bank-Vaults documentation has been moved to the bank-vaults.dev/ site. This version is unmaintained and probably outdated.

Scenario 3 - Both Vault and the app are running inside the mesh

In this scenario, both Vault and the app are running inside the mesh.

Complete the Prerequisites.

Enable sidecar auto-injection for both namespaces:

With kubectl:

kubectl label namespace app   istio-injection=enabled
kubectl label namespace vault istio-injection=enabled

With backyards:

backyards sidecar-proxy auto-inject on app
backyards sidecar-proxy auto-inject on vault

Delete all pods so they are getting injected with the proxy:

kubectl delete pods --all -n app
kubectl delete pods --all -n vault

Check the logs in the app container. It should sill show success:

$ kubectl logs -f -n app deployment/app
time="2020-02-18T15:04:03Z" level=info msg="Initial Vault token arrived"
time="2020-02-18T15:04:03Z" level=info msg="Renewed Vault Token"
s3cr3t
going to sleep...

Edit this page on GitHub