From ee385bf3951a2823ee038498178eb81de2e41add Mon Sep 17 00:00:00 2001 From: ducoterra Date: Sun, 20 Jun 2021 21:07:08 -0400 Subject: [PATCH] Update k8s yamls Streamline the k8s folder with more sensible yamls. --- helm/pivault.yaml | 3 +++ k8s/certificate.yaml | 12 ------------ ...certificate.yaml => pivault-dnet-cert.yaml} | 2 +- k8s/service-account-internal.yaml | 4 ---- k8s/test-certificate.yaml | 12 ------------ k8s/vault-dnet-service.yaml | 18 ------------------ 6 files changed, 4 insertions(+), 47 deletions(-) delete mode 100644 k8s/certificate.yaml rename k8s/{pivault-certificate.yaml => pivault-dnet-cert.yaml} (89%) delete mode 100644 k8s/service-account-internal.yaml delete mode 100644 k8s/test-certificate.yaml delete mode 100644 k8s/vault-dnet-service.yaml diff --git a/helm/pivault.yaml b/helm/pivault.yaml index 7c70018..d2ffbd2 100644 --- a/helm/pivault.yaml +++ b/helm/pivault.yaml @@ -31,6 +31,9 @@ server: ingress: enabled: true + annotations: + cert-manager.io/cluster-issuer: vault-issuer + kubernetes.io/ingress.class: nginx hosts: - host: pivault.dnet paths: diff --git a/k8s/certificate.yaml b/k8s/certificate.yaml deleted file mode 100644 index 649a3db..0000000 --- a/k8s/certificate.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: cert-manager.io/v1 -kind: Certificate -metadata: - name: vault.ducoterra.net -spec: - secretName: vault-tls-cert - issuerRef: - name: letsencrypt-prod - kind: ClusterIssuer - commonName: vault.ducoterra.net - dnsNames: - - vault.ducoterra.net diff --git a/k8s/pivault-certificate.yaml b/k8s/pivault-dnet-cert.yaml similarity index 89% rename from k8s/pivault-certificate.yaml rename to k8s/pivault-dnet-cert.yaml index a4309ba..a408e55 100644 --- a/k8s/pivault-certificate.yaml +++ b/k8s/pivault-dnet-cert.yaml @@ -1,7 +1,7 @@ apiVersion: cert-manager.io/v1alpha2 kind: Certificate metadata: - name: pivault-dnet + name: pivault-dnet-cert spec: secretName: pivault-dnet-cert issuerRef: diff --git a/k8s/service-account-internal.yaml b/k8s/service-account-internal.yaml deleted file mode 100644 index c12502c..0000000 --- a/k8s/service-account-internal.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: internal-app diff --git a/k8s/test-certificate.yaml b/k8s/test-certificate.yaml deleted file mode 100644 index 38e7589..0000000 --- a/k8s/test-certificate.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: vault-test-dnet -spec: - secretName: vault-test-dnet-cert - issuerRef: - name: vault-issuer - kind: ClusterIssuer - commonName: vault-test.dnet - dnsNames: - - vault-test.dnet diff --git a/k8s/vault-dnet-service.yaml b/k8s/vault-dnet-service.yaml deleted file mode 100644 index fd056a0..0000000 --- a/k8s/vault-dnet-service.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: pivault-dnet -spec: - ports: - - protocol: TCP - port: 443 ---- -apiVersion: v1 -kind: Endpoints -metadata: - name: external-vault -subsets: - - addresses: - - ip: pivault.dnet - ports: - - port: 443