Standalone server with audit storage
warning
Important Note: This chart is not compatible with Helm 2. Please use Helm 3.6+ with this chart.
The below values.yaml
can be used to set up a single server OpenBao cluster with
auditing enabled.
server:
standalone:
enabled: true
config: |
listener "tcp" {
tls_disable = true
address = "[::]:8200"
cluster_address = "[::]:8201"
}
storage "file" {
path = "/openbao/data"
}
service:
enabled: true
dataStorage:
enabled: true
size: 10Gi
storageClass: null
accessMode: ReadWriteOnce
auditStorage:
enabled: true
size: 10Gi
storageClass: null
accessMode: ReadWriteOnce
After OpenBao has been deployed, initialized and unsealed, auditing can be enabled by running the following command against the OpenBao pod:
$ kubectl exec -ti <POD NAME> -- bao audit enable file file_path=/openbao/audit/openbao_audit.log