Skip to main content

Standalone server with audit storage

warning

Important Note: This chart is not compatible with Helm 2. Please use Helm 3.6+ with this chart.

The below values.yaml can be used to set up a single server OpenBao cluster with auditing enabled.

server:
standalone:
enabled: true
config: |
listener "tcp" {
tls_disable = true
address = "[::]:8200"
cluster_address = "[::]:8201"
}

storage "file" {
path = "/openbao/data"
}

service:
enabled: true

dataStorage:
enabled: true
size: 10Gi
storageClass: null
accessMode: ReadWriteOnce

auditStorage:
enabled: true
size: 10Gi
storageClass: null
accessMode: ReadWriteOnce

After OpenBao has been deployed, initialized and unsealed, auditing can be enabled by running the following command against the OpenBao pod:

$ kubectl exec -ti <POD NAME> --  bao audit enable file file_path=/openbao/audit/openbao_audit.log