$ oc import-image vault:latest --confirm -n <Namespace>
Verify the Image stream presence in the Desired namespace.
$ oc get is
Deploy the image stream using below command:
$ oc new-app vault:latest
Create new service account with the name "vault"
$ oc create sa vault
Assign anyuid access to the service account created
Note: You need to have cluster admin rights to run this command.
$ oc adm policy add-scc-to-user anyuid -z vault
Edit the deployment yaml file using the below command and add the service account details in the specifications.
$ oc edit dc/vault -o yaml
Once the editor opens add the below two lines
serviceAccount: vault
serviceAccountName: vault
Add the below two environmental variables to the deployment yaml file to run the image as vault user.
$ oc set env dc/vault SKIP_CHOWN=true SKIP_SETCAP=true
Deploy the changes using below command:
$ oc rollout latest vault
That's all! Pod should be up and running , service and route can be created to access the Vault application externally.
No comments:
Post a Comment