Created
July 6, 2019 15:52
-
-
Save nehrman/f8bb0b1678348f9b87de676dd03ee321 to your computer and use it in GitHub Desktop.
description
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [[snippets]] | |
| description = "Consul - List all known datacenters from the catalog" | |
| command = "consul catalog datacenters" | |
| tag = ["consul"] | |
| output = "dc1\n" | |
| [[snippets]] | |
| description = "Consul - List all known members of a Consul Cluster" | |
| command = "consul members" | |
| tag = ["consul"] | |
| output = "Node Address Status Type Build Protocol DC Segment\nraspnomad01 192.168.1.60:8301 alive server 1.4.2+ent 2 dc1 <all>\n" | |
| [[snippets]] | |
| description = "30 - Demo Hahsiconf Step 3 - Retrieve User secret for MongoDB" | |
| command = "kubectl get secret/mongodb -o jsonpath=\"{.data.database-user}\" | base64 -D" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "31 - Demo Hahsiconf Step 3 - Retrieve Password secret for MongoDB" | |
| command = "kubectl get secret/mongodb -o jsonpath=\"{.data.database-password}\" | base64 -D" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "32 - Demo Hahsiconf Step 3 - Add User secret to KV Store" | |
| command = "vault kv put kv/fruit-catatlog-mongodb user=${MONGODB_USER}" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "33 - Demo Hahsiconf Step 3 - Add Password secret to KV Store" | |
| command = "vault kv put kv/fruit-catatlog-mongodb password=${MONGODB_PWD}" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "34 - Demo Hahsiconf Step 3 - Enable K8s auth method on Vault" | |
| command = "vault enable auth kubernetes" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "35 - Demo Hahsiconf Step 3 - Configure K8s auth method" | |
| command = "vault wrtie auth/kubertes/config token_reviewer_jwt=token kubernetes_host=host kubernetes_ca_cert=ca" | |
| tag = ["hashiconf-step3"] | |
| output = "\n" | |
| [[snippets]] | |
| description = "Consul - List all known members of a Consul Cluster" | |
| command = "consul members" | |
| tag = ["consul"] | |
| output = "Node Address Status Type Build Protocol DC Segment\nraspnomad01 192.168.1.60:8301 alive server 1.4.2+ent 2 dc1 <all>\n" | |
| [[snippets]] | |
| description = "30 - Demo Hashiconf Step 3 - Create vault Service Account on K8s" | |
| command = "kubectl create sa fruits-catalog-vault" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "31 - Demo Hashiconf Step 3 - Create Cluster Role Binding for vault Service Account on K8s" | |
| command = "kubectl create -f fruits-catalog-vault-service-account.yaml -n fruits-catalog" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "32 - Demo Hashiconf Step 3 - Retrieve User secret for MongoDB" | |
| command = "kubectl get secret/mongodb -o jsonpath=\"{.data.database-user}\" | base64 -D" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "33 - Demo Hashiconf Step 3 - Retrieve User secret for MongoDB" | |
| command = "kubectl get secret/mongodb -o jsonpath=\"{.data.database-user}\" | base64 -D" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "34 - Demo Hashiconf Step 3 - Retrieve Password secret for MongoDB" | |
| command = "kubectl get secret/mongodb -o jsonpath=\"{.data.database-password}\" | base64 -D" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "35 - Demo Hashiconf Step 3 - Add User secret to KV Store" | |
| command = "vault kv put kv/fruit-catatlog-mongodb user=${MONGODB_USER}" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "36 - Demo Hashiconf Step 3 - Add Password secret to KV Store" | |
| command = "vault kv put kv/fruit-catatlog-mongodb password=${MONGODB_PWD}" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "3è - Demo Hashiconf Step 3 - Enable K8s auth method on Vault" | |
| command = "vault enable auth kubernetes" | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "38 - Demo Hashiconf Step 3 - Configure K8s auth method" | |
| command = "vault wrtie auth/kubertes/config token_reviewer_jwt=token " | |
| tag = ["hashiconf-step3"] | |
| output = "" | |
| [[snippets]] | |
| description = "39 - Demo Hashiconf Step 3 - Configure K8s Roles" | |
| command = "vault wrtie auth/kubertes/roles/fruits-catalog bound_service_account_names=vault_auth bound_service_account_namespaces=fruits-catalog policies=fruits-catalog-static ttl=24h" | |
| tag = ["hashiconf-step3"] | |
| output = "" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment