Johann Gyger johanngyger

I hereby claim:

To claim this, I am signing this object:

	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: vault-kubernetes-authenticator-demo
	labels:
	appl: vault-kubernetes-authenticator-demo
	spec:
	replicas: 1
	selector:

	---
	apiVersion: v1
	kind: ServiceAccount
	metadata:
	name: vault-serviceaccount

	---
	apiVersion: rbac.authorization.k8s.io/v1beta1
	kind: ClusterRoleBinding
	metadata:

	# NOTE: You may need to set these addresses differently.
	export INTERNAL_IP=$(dig +short `hostname -f`)
	export VAULT_ADDR=http://${INTERNAL_IP}:8200

	# Enable and configure the Kubernetes auth method.
	# For details, see:
	# - https://www.vaultproject.io/docs/auth/kubernetes.html
	# - https://www.vaultproject.io/api/auth/kubernetes/index.html
	vault auth enable kubernetes
	vault write auth/kubernetes/config \

	$ vault server -dev -dev-listen-address=0.0.0.0:8200 &
	==> Vault server configuration:

	Api Address: http://0.0.0.0:8200
	Cgo: disabled
	Cluster Address: https://0.0.0.0:8201
	Listener 1: tcp (addr: "0.0.0.0:8200", cluster address: "0.0.0.0:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
	Log Level: info
	Mlock: supported: true, enabled: false
	Storage: inmem

	# Install Vault
	sudo apt install -y zip
	curl -OL https://releases.hashicorp.com/vault/1.1.1/vault_1.1.1_linux_amd64.zip
	unzip vault_1.1.1_linux_amd64.zip
	sudo mv vault /usr/local/bin/
	vault -autocomplete-install && exec $SHELL

	# 1) Install Kubernetes on a Ubuntu machine
	sudo -i
	curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg \| apt-key add -
	echo 'deb http://apt.kubernetes.io/ kubernetes-xenial main' >> /etc/apt/sources.list.d/kubernetes.list
	apt update && apt install -y docker.io kubelet kubeadm kubectl
	sudo systemctl enable docker.service
	kubeadm init --pod-network-cidr=10.244.0.0/16 # Flannel pod network, see below
	exit

	# 2) Prepare kubectl