High Availability Vault with DynamoDB in Kubernetes
HUG community member Vinh Quoc Nguyen shares his method for running HA Vault on AWS's DynamoDB service in Kubernetes.
HashiCorp Vault is well-known and popular, but sometimes you need extra guidlines to help run it properly with a very specific production environment. This talk will guide users through the process of setting up Vault with auto-unseal using AWS KMS as well as running Vault in high availability (HA) mode with DynamoDB and secret versioning. User authentication will be set up with duo, Kubernetes service account duo, and we'll hook up Docker custom entrypoints to get secrets dynamically.
This talk was part of the first HashiTalks online event—A 24-hour continuous series of presentations from the worldwide HashiCorp User Group (HUG) community and from HashiCorp engineers as well. The event took place from February 21-22, 2019.
Check out your local chapter or start a new one here.