Today, Red Hat is pleased to announce a new open source project, the Vault Operator. In keeping with earlier projects, including the etcd Operator and the Prometheus Operator, the Vault Operator aims to make it easier to install, manage, and maintain instances of Hashicorp Vault – a tool designed for storing, managing, and controlling access to secrets, such as tokens, passwords, certificates, and API keys – on Kubernetes clusters.
We are supporters of Vault, for important reasons. Authentication is fundamental to modern applications. As application design shifts from monolithic to distributed architectures, the various components of an application must communicate with each other over a network in ways that are designed to be trusted and secure. This typically requires authentication, which in turn requires credentials, or secrets. The problem is that there is no de facto way to centrally locate and manage these secrets.
Public cloud providers offer services to help solve this problem, but these solutions can be less than ideal. Not only are the APIs for these services often proprietary, potentially leading to cloud vendor lock-in and impedances to local testing, but they typically aren’t container-native, being designed with VM-centric architectures in mind.
Vault, an open source project, is a powerful alternative to these cloud-based services. It creates a central repository for secrets and enables secrets management, including rotation, leasing, and revocation of secrets. Our goal with the Vault Operator is to make it easier for Kubernetes users to consume this software.
Vault on demand
The Vault Operator we’re launching today, which we’re releasing under the Apache 2.0 open source license, builds on the operator pattern that CoreOS introduced in 2016. Operators are Kubernetes native applications. We define native as being both managed using the Kubernetes APIs via kubectl and ran on Kubernetes as containers. Operators can take advantage of Kubernetes's extensibility to help deliver the automation advantages of cloud services like provisioning, scaling, and backup/restore while being able to run anywhere that Kubernetes can run.
The Vault Operator is designed to make it easier to consume and operate Vault on Kubernetes by leveraging underlying Kubernetes capabilities to automate the provisioning, scaling, and backup/restore operations of Vault. With it, you can deploy a Vault service as easily as you can deploy a single stateless container on Kubernetes. Behind the scenes, the operator is designed to take care of such housekeeping tasks as TLS, etcd provisioning and setup, upgrades, and other details. In this way, you can consume Vault on your cluster the way you would were it provided as a service offered by a cloud provider, only in an open and cloud-agnostic way.
The Vault Operator powers the Vault Open Cloud Service introduced in the CoreOS Tectonic platform in December 2017. By releasing the Vault Operator as an open source project, Red Hat now aims to enable ISVs and IT organizations to use Vault as a managed service in their own environments, powered by automated operations.
We anticipate seeing more operators in the future, developed both by us and by others from across the Kubernetes ecosystem. In the meantime, if you’d like to get involved with extending and improving the Vault Operator, join us on the Vault Operator GitHub repository.
Sobre el autor
Navegar por canal
Automatización
Las últimas novedades en la automatización de la TI para los equipos, la tecnología y los entornos
Inteligencia artificial
Descubra las actualizaciones en las plataformas que permiten a los clientes ejecutar cargas de trabajo de inteligecia artificial en cualquier lugar
Nube híbrida abierta
Vea como construimos un futuro flexible con la nube híbrida
Seguridad
Vea las últimas novedades sobre cómo reducimos los riesgos en entornos y tecnologías
Edge computing
Conozca las actualizaciones en las plataformas que simplifican las operaciones en el edge
Infraestructura
Vea las últimas novedades sobre la plataforma Linux empresarial líder en el mundo
Aplicaciones
Conozca nuestras soluciones para abordar los desafíos más complejos de las aplicaciones
Programas originales
Vea historias divertidas de creadores y líderes en tecnología empresarial
Productos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servicios de nube
- Ver todos los productos
Herramientas
- Training y Certificación
- Mi cuenta
- Soporte al cliente
- Recursos para desarrolladores
- Busque un partner
- Red Hat Ecosystem Catalog
- Calculador de valor Red Hat
- Documentación
Realice pruebas, compras y ventas
Comunicarse
- Comuníquese con la oficina de ventas
- Comuníquese con el servicio al cliente
- Comuníquese con Red Hat Training
- Redes sociales
Acerca de Red Hat
Somos el proveedor líder a nivel mundial de soluciones empresariales de código abierto, incluyendo Linux, cloud, contenedores y Kubernetes. Ofrecemos soluciones reforzadas, las cuales permiten que las empresas trabajen en distintas plataformas y entornos con facilidad, desde el centro de datos principal hasta el extremo de la red.
Seleccionar idioma
Red Hat legal and privacy links
- Acerca de Red Hat
- Oportunidades de empleo
- Eventos
- Sedes
- Póngase en contacto con Red Hat
- Blog de Red Hat
- Diversidad, igualdad e inclusión
- Cool Stuff Store
- Red Hat Summit