scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-03 03:58:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs/vault-k8s: updates for v1.6.0 release (#29152)

Browse Source 
* docs/vault-k8s: updates for v1.6.0 release

* Apply suggestions from code review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* updating whitespace and an extra "injector"

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
This commit is contained in:
Theron Voran
2025-01-09 20:54:21 -08:00
committed by GitHub
parent ff2d7ecd34
commit dac2ffca81
2 changed files with 28 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/docs/platform/k8s/injector/annotations.mdx
View File

@@ -28,7 +28,7 @@ them, optional commands to run, etc.
- `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This
value overrides the default image configured in the injector and is usually value overrides the default image configured in the injector and is usually
not needed. Defaults to `hashicorp/vault:1.18.1`. not needed. Defaults to `hashicorp/vault:1.18.2`.
- `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent
init container first if `true` (last if `false`). This is useful when other init init container first if `true` (last if `false`). This is useful when other init

27
website/content/docs/platform/k8s/injector/index.mdx
View File

@@ -189,6 +189,33 @@ The configuration map must contain either one or both of the following files:
An example of mounting a Vault Agent configmap [can be found here](/vault/docs/platform/k8s/injector/examples#configmap-example). An example of mounting a Vault Agent configmap [can be found here](/vault/docs/platform/k8s/injector/examples#configmap-example).
### Injector telemetry
<Tip>
Set [`injector.metrics.enabled`](/vault/docs/platform/k8s/helm/configuration#metrics)
to `true` in the Helm chart to start collecting injector metrics.
</Tip>
Vault Agent injector collects the following Prometheus metrics in addition to
the default set of `golang` metrics:
- `vault_agent_injector_request_queue_length` - The number of pending webhook requests for the injector.
- `vault_agent_injector_request_processing_duration_ms` - A histogram of webhook
request processing times in milliseconds.
- `vault_agent_injector_injections_by_namespace_total` - The total count of
Agent container injections, grouped by Kubernetes `namespace` and `injection_type`.
Vault Agent injector counts the following injection types:
- `init_only`
- `sidecar_only`
- `init_and_sidecar`
- `vault_agent_injector_failed_injections_by_namespace_total` - The total count
of failed Agent sidecar injections, grouped by Kubernetes `namespace`.
## Tutorial ## Tutorial
Refer to the [Injecting Secrets into Kubernetes Pods via Vault Helm Refer to the [Injecting Secrets into Kubernetes Pods via Vault Helm