Support for a version that just uses a tainted node pool

Question

andrewwatson opened this issue 6 years ago · comments

I'd like to submit a PR that shows setting up a tainted node pool so that the whole cluster doesn't have the vault service account on each node.

Seth Vargo · Answer 1 · Sat Aug 04 2018 02:22:32 GMT+0800 (China Standard Time)

While I think that'd be accepted, the general "best practice" we've been recommending is to have a dedicated k8s cluster just for Vault.

Seth Vargo · Answer 2 · Thu Aug 09 2018 09:14:01 GMT+0800 (China Standard Time)

I'm gonna close this, but we'd accept a PR for this 😄