values.yaml updated to include explicit cluster_name #889
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -3,6 +3,10 @@ | |||||
|
|
||||||
| # Available parameters and their default values for the Vault chart. | ||||||
|
|
||||||
| # Set cluster name instead of having it auto-generated. | ||||||
| # examples may include: "vault1-gke-uswest", "vault2-eks-useast", etc. | ||||||
| cluster_name: "" | ||||||
|
|
||||||
| global: | ||||||
| # enabled is the master enabled switch. Setting this to true or false | ||||||
| # will enable or disable all the components within this chart by default. | ||||||
|
|
@@ -834,6 +838,7 @@ server: | |||||
| # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations | ||||||
| config: | | ||||||
| ui = true | ||||||
| cluster_name = {{ .Values.cluster_name | default (printf "%s-k8s" (include "vault.name" .)) | quote }} | ||||||
|
There was a problem hiding this comment. Does this actually work? I've never seen the templates used outside of the K8s yaml helm is generating. There was a problem hiding this comment. Yes it works - I've tested it (with both explicit value set & nothing set) before making PR There was a problem hiding this comment. Example as per current There was a problem hiding this comment. You can't set a default here because if someone has already deployed Vault and it has a generated cluster name, this is going to introduce a new set of metrics.
Suggested change
There was a problem hiding this comment.
There was a problem hiding this comment. I'm referencing Vault's code that generates the cluster name if it's not set in the config. It generates a cluster name that looks something like this: There was a problem hiding this comment. If you're referring to existing customers (with an existing deployment that has an auto-generated name) that may update their helm chart - in that case they would need to explicit set the There was a problem hiding this comment. We can't, so we should not have a default here, because they're going to need to explicitly set it. There was a problem hiding this comment. I added defaults in case for new deployment no value is set. I'm open to any proposal that you may be kind enough to commit. |
||||||
|
|
||||||
| listener "tcp" { | ||||||
| tls_disable = 1 | ||||||
|
|
||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a Vault specific parameter and should not be at the root level but instead should be in
server.ha(it's only used for HA).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can move this to
server.hasection on subsequent commit.