HashiCorp Vault for Kubernetes

Download MP3
Bret is joined by Rosemary Wang from HashiCorp to show off Vault for Kubernetes, an open source secrets provider.
💥 This episode is brought to you by our valued sponsor and friends at Veritas!💥
Have you thought about the potential risks to your Kubernetes cluster in this era of sophisticated ransomware? Veritas offers unparalleled resilience for stateful Kubernetes applications, providing high availability and robust data protection.
Learn how to fortify your business-critical applications with Veritas at https://vrt.as/kubernetes.

Bret is joined by Rosemary Wang from HashiCorp to show off Vault for Kubernetes, an an open source secrets provider.

Rosemary is a return guest and does her usual fantastic job at explaining the complex topics around storing secrets, who needs Vault and why, running Vault on Kubernetes, the Vault storage backend and so much more.

Streamed live on YouTube on September 29, 2022. Includes demos.

Unedited live recording of this show on YouTube (Ep #186)

Vault website
HashiCorp Cloud
Raft storage for Vault, how Raft works
Example repo: HashiCorp Vault for Development Teams

Rosemary Wang★
Rosemary on Twitter
Rosemary on Linkedin

Join my Community
Best coupons for my Docker and Kubernetes courses
Chat with us and fellow students on our Discord Server DevOps Fans
  • (00:00) - DDT MAIN
  • (00:41) - Intro
  • (01:31) - Bret intro
  • (02:13) - Main show
  • (02:29) - Course updates
  • (02:49) - Introductions
  • (03:52) - Today's Topic
  • (05:01) - Anyone who doesn't need secret management?
  • (07:50) - Elevator pitch for Vault
  • (09:59) - Handling Rotation and Exit Strategies
  • (12:26) - When do I need Vault?
  • (15:12) - Question about Aquilas
  • (15:31) - Vault is open source
  • (17:27) - We ain't got time for that
  • (18:18) - Can I run Vault on Kubernetes?
  • (19:16) - Question: Where are Secrets Stored?
  • (20:36) - Raft all the things
  • (21:56) - Question: Vault and SSL Certificates
  • (23:08) - Question and Demo
  • (23:33) - Demo intro
  • (24:03) - Demo
  • (24:04) - Question about HSMs
  • (24:27) - Question
  • (25:21) - Question about Unsealed Tokens
  • (27:55) - Question
  • (30:19) - Bret's First Question about Toil
  • (37:10) - Question: Password Managers and Vault
  • (40:21) - Question
  • (41:42) - Question
  • (44:15) - Notes about Vault Agent Sidecar and Authentication
  • (45:52) - Bret's Summary
  • (49:25) - Question about Getting Started
  • (50:21) - Starting with Sealed Secrets
  • (53:07) - Wrap up
  • (53:43) - Getting in touch with Rosemary
  • (54:20) - What's next for Rosemary?
  • (55:08) - Outro

You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!

Grab the best coupons for my Docker and Kubernetes courses.
Get on the waitlist for my next live course on CI automation and gitops deployments.

Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com

Creators and Guests

Bret Fisher
Bret Fisher
Cloud native DevOps Dude. Course creator, YouTuber, Podcaster. People person who spends way to much time in front of a computer.
Beth Fisher
Beth Fisher
Producer of DevOps and Docker Talk podcast since 2019. Assistant producer on Bret Fisher Live show on YouTube. Business and proposal writer by trade.
Cristi Cotovan
Cristi Cotovan
Video editor and educational content producer. Descript and Camtasia coach.
HashiCorp Vault for Kubernetes
Broadcast by