Missing configmap values?

Question

Missing configmap values?

Streppel opened this issue 6 years ago · 4 comments

This is more of a doubt, but we declare configmap vault to have values

    --from-literal "load_balancer_address=${LB_IP}" \
    --from-literal "gcs_bucket_name=${GCS_BUCKET}" \
    --from-literal "kms_key_id=${KMS_KEY}"

but on vault deployment file we use many other values

env:
        - name: GCS_BUCKET_NAME
          valueFrom:
            configMapKeyRef:
              name: vault
              key: gcs_bucket_name
        - name: KMS_PROJECT
          valueFrom:
            configMapKeyRef:
              name: vault
              key: kms_project
        - name: KMS_REGION
          valueFrom:
            configMapKeyRef:
              name: vault
              key: kms_region
        - name: KMS_KEY_RING
          valueFrom:
            configMapKeyRef:
              name: vault
              key: kms_key_ring
        - name: KMS_CRYPTO_KEY
          valueFrom:
            configMapKeyRef:
              name: vault
              key: kms_crypto_key
        - name: LOAD_BALANCER_ADDR
          valueFrom:
            configMapKeyRef:
              name: vault
              key: load_balancer_address

Aren't we missing some values here? I'm asking this because my pods are failing to deploy because of this:

Answer 1 · 2019-06-20T18:23:34.000Z

The config map looks like this:

kubectl create configmap vault \
  --cluster="$(gke-cluster-name "vault")" \
  --from-literal="load_balancer_address=$(vault-lb-ip)" \
  --from-literal="gcs_bucket_name=$(google-project)-vault-storage" \
  --from-literal="kms_project=$(google-project)" \
  --from-literal="kms_region=$(google-region)" \
  --from-literal="kms_key_ring=vault" \
  --from-literal="kms_crypto_key=vault-init" \
  --from-literal="kms_key_id=projects/$(google-project)/locations/$(google-region)/keyRings/vault/cryptoKeys/vault-init"

Are you sure you're on the correct repo? Between this and your earlier issue, I'm wondering if you're using an out-of-date fork?

Answer 2 · 2019-06-20T20:26:28.000Z

@sethvargo Hey Seth, thank you for your reply! As I linked on the other issue, I'm looking at https://codelabs.developers.google.com/codelabs/vault-on-gke/index.html#9. Hum... I don't quite understand what is going on. The code lab seems pretty different from what you just pasted here. Am I looking at the wrong spot, maybe?

ps: I'll follow the steps following the repo from now on :) I filled these issues because there was a link linking to this repo on the left side footer of the page, so I thought I'd let you know.

Answer 3 · 2019-06-20T21:02:28.000Z

The codelab content isn't pulled directly from here. I've updated it and it should match now.

Answer 4 · 2019-06-20T21:45:23.000Z

@sethvargo thank you!