-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
updated vault helm chart doc with usecase of nlb #27690
updated vault helm chart doc with usecase of nlb #27690
Conversation
Signed-off-by: Kumar, Rajesh (XINBM1A) <[email protected]>
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
This PR addresses this issue : #27592 |
Hi @miagilepner, |
@miagilepner could you please take a look at this PR and please advise if this can be approved. |
d44c51b
to
23cb8e7
Compare
Hi @hashishaw Could you please review this PR and advise if this can be approved? |
Hi @schavis this branch was out of sync with main so I just updated it, it should be good for your review. |
@@ -59,6 +59,8 @@ cluster](https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster/ | |||
options](/vault/docs/platform/k8s/helm/configuration), and read the [production deployment | |||
checklist](/vault/docs/platform/k8s/helm/run#architecture). | |||
|
|||
-> **Important:** This helm chart always provisions Application Load Balancer(ALB) at the AWS side, if you have the requirements of running vault with Network Load Balancer(NLB) then you need to provision NLB in front of your ALB. This special kind of requirement can arise where you need to use AWS PrivateLink with your vault and PrivateLink only works with NLB. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
-> **Important:** This helm chart always provisions Application Load Balancer(ALB) at the AWS side, if you have the requirements of running vault with Network Load Balancer(NLB) then you need to provision NLB in front of your ALB. This special kind of requirement can arise where you need to use AWS PrivateLink with your vault and PrivateLink only works with NLB. | |
<Important title="Helm chart provisions ALB on AWS side"> | |
If you use AWS features (e.g, AWS PrivateLink) that require a network load | |
balancer (NLB), you must provision your NLB **before** your application load | |
balancer (ALB). | |
</Important> |
Style correction: write in active voice
Signed-off-by: Kumar, Rajesh (XINBM1A) <[email protected]>
ff7720c
to
1bbb65f
Compare
Hi @schavis I made the suggested change , could you please review and approve? |
@schavis Thanks for the approval on this PR, would need one more approval in order to get it merged. Thanks! |
Hi @schavis, could we please get some of your colleague to review this PR, so that we can merge it in? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey there! Thanks for this. Since this is a docs-only change and Sarah's already approved it, I'm going to go ahead and merge this. Thanks for the contribution, and I apologize it took so long to get merged.
Description
This PR updates the document of vault helm about what needs to be done if there is a special requirement of running vault with NLB.
TODO only if you're a HashiCorp employee
getting backported to N-2, use the new style
backport/ent/x.x.x+ent
labelsinstead of the old style
backport/x.x.x
labels.the normal
backport/x.x.x
label (there should be only 1).of a public function, even if that change is in a CE file, double check that
applying the patch for this PR to the ENT repo and running tests doesn't
break any tests. Sometimes ENT only tests rely on public functions in CE
files.
in the PR description, commit message, or branch name.
description. Also, make sure the changelog is in this PR, not in your ENT PR.