Hashicorp vault ingress Setup

The default values in hashicorp/vault helm chart can be obtained using

helm show values hashicorp/vault > values.yaml

These values can be modified using override-values.yaml file. Since the helm chart contains and ingress defination we can supply our custom values for the ingress.

server:
  ingress:
    enabled: true
    annotations:
      cert-manager.io/cluster-issuer: ca-issuer
      kubernetes.io/ingress.class: nginx
      external-dns.alpha.kubernetes.io/hostname: kubevault.logpoint.com.np
    hosts:
      - host: kubevault.logpoint.com.np
    tls:
      - secretName: kubevault-tls
        hosts:
          - kubevault.logpoint.com.np

certmanager.io/cluster-issuer: ca-issuer is the root certiciate authority annotation for the ingress

external-dns.alpha.kubernetes.io/hostname: kubevault.logpoint.com.np is the annotation for external dns to populate DNS records.

Nginx ingress can be configured with override-values.yaml file in the cluster. To apply the values to the cluster

helm upgrade vault hashicorp/vault -f override-values.yaml