Vault-Kubernetes Integration - How to auto restart pod on every change in Vault Secrets

[Ashit Acharya]

Hello all,

Have successfully implemented Vault with Kubernetes and applications running in K8s are getting their environment variables from Hashicorp vault. Everything is great! But, want to take a step forward and want to restart the pod whenever a change is made to the secret in the Vault, as of now, we have to restart the pod manually to reset environment variables whenever we make changes to Vault secret. How this can be achieved? 

Any help will be appreciated.

Thanks,

Ashit Acharya

[Mohamed Khalil Badri]

Hi Ashit,

Did you try this tutorial: https://github.com/sethvargo/vault-kubernetes-workshop/blob/master/k8s/db-sidecar.yaml

In fact, after adding SYS_PTRACE capabilty, consul template container so it can signal the main application via the consul template configuration using an arbitrary command (kill -HUP $(pidof vault-demo-app)) to the pidof main application.

BR,

Khalil

--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
 
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/CA%2BkPDdCWz%2B%2BCMMdWZqm3xGWUm55cHRBBDt6J0Zwsz%2BRSLjTeuw%40mail.gmail.com.