The focus of this workshop is to show how individual services can authenticate and request their own set of distinct credentials through the use of Vault, rather than having to share credentials and tokens among different pods and services. OpenShift will be utilized to safely incorporate secrets into both applications and infrastructure.

This workshop demonstrates HashiCorp Vault fully deployed and running in OpenShift and covers the following topics:

• Configuring Prerequisites
• Configuring the Vault Kubernetes authentication
• Deploying: Request secrets directly from Vault
• Deploying: Secrets through Annotations

Videos

• Demo of Vault with OpenShift:

Demo

The HashiCorp Vault for OpenShift RHDP catalog item can be used for demo purposes as well. Please follow the link to the workshop below and view the videos above to get an understanding of what to demo.

Workshop

This workshop may be provisioned using the Red Hat Demo Platform (RHDP). Within RHDP, the catalog item is in the Security category and is called HashiCorp Vault for OpenShift. All students will be using a shared cluster deployed specifically for this workshop. In RHDP, before ordering, the catalog item description links to instructions for how to set up your environment and other details about performing the workshop.

• Vault for OpenShift Workshop Lab Guide

Additional Resources

• Red Hat Partner Spotlight: HashiCorp Vault
• Red Hat and HashiCorp integrations
• GitOps guide to the Galaxy (part 1)
• GitOps guide to the Galaxy (part 2)