Red Hat 계정으로 회원 프로필, 기본 설정 및 고객 상태에 따라 다음의 서비스에 액세스할 수 있습니다.
아직 등록하지 않으셨습니까? 등록해야 하는 이유:
- 한 곳에서 기술 자료 문서를 탐색하고, 지원 사례와 서브스크립션을 관리하고, 업데이트를 다운로드 할 수 있습니다.
- 조직 내의 사용자를 보고, 계정 정보, 기본 설정 및 권한을 편집할 수 있습니다.
- Red Hat 자격증을 관리하고 시험 내역을 조회하며 자격증 관련 로고 및 문서를 다운로드할 수 있습니다.
Red Hat 계정으로 회원 프로필, 기본 설정 및 자신의 고객 상태에 따른 기타 서비스에 액세스할 수 있습니다.
보안을 위해, 공용 컴퓨터 사용 중에 Red Hat 서비스 이용이 끝난 경우 로그아웃하는 것을 잊지 마십시오.로그아웃
Today, Red Hat is pleased to announce a new open source project, the Vault Operator. In keeping with earlier projects, including the etcd Operator and the Prometheus Operator, the Vault Operator aims to make it easier to install, manage, and maintain instances of Hashicorp Vault – a tool designed for storing, managing, and controlling access to secrets, such as tokens, passwords, certificates, and API keys – on Kubernetes clusters.
We are supporters of Vault, for important reasons. Authentication is fundamental to modern applications. As application design shifts from monolithic to distributed architectures, the various components of an application must communicate with each other over a network in ways that are designed to be trusted and secure. This typically requires authentication, which in turn requires credentials, or secrets. The problem is that there is no de facto way to centrally locate and manage these secrets.
Public cloud providers offer services to help solve this problem, but these solutions can be less than ideal. Not only are the APIs for these services often proprietary, potentially leading to cloud vendor lock-in and impedances to local testing, but they typically aren’t container-native, being designed with VM-centric architectures in mind.
Vault, an open source project, is a powerful alternative to these cloud-based services. It creates a central repository for secrets and enables secrets management, including rotation, leasing, and revocation of secrets. Our goal with the Vault Operator is to make it easier for Kubernetes users to consume this software.
Vault on demand
The Vault Operator we’re launching today, which we’re releasing under the Apache 2.0 open source license, builds on the operator pattern that CoreOS introduced in 2016. Operators are Kubernetes native applications. We define native as being both managed using the Kubernetes APIs via kubectl and ran on Kubernetes as containers. Operators can take advantage of Kubernetes's extensibility to help deliver the automation advantages of cloud services like provisioning, scaling, and backup/restore while being able to run anywhere that Kubernetes can run.
The Vault Operator is designed to make it easier to consume and operate Vault on Kubernetes by leveraging underlying Kubernetes capabilities to automate the provisioning, scaling, and backup/restore operations of Vault. With it, you can deploy a Vault service as easily as you can deploy a single stateless container on Kubernetes. Behind the scenes, the operator is designed to take care of such housekeeping tasks as TLS, etcd provisioning and setup, upgrades, and other details. In this way, you can consume Vault on your cluster the way you would were it provided as a service offered by a cloud provider, only in an open and cloud-agnostic way.
The Vault Operator powers the Vault Open Cloud Service introduced in the CoreOS Tectonic platform in December 2017. By releasing the Vault Operator as an open source project, Red Hat now aims to enable ISVs and IT organizations to use Vault as a managed service in their own environments, powered by automated operations.
We anticipate seeing more operators in the future, developed both by us and by others from across the Kubernetes ecosystem. In the meantime, if you’d like to get involved with extending and improving the Vault Operator, join us on the Vault Operator GitHub repository.