Hi everyone,
I’m trying to use the Vault injector feature on my k8s cluster for testing purposes.
But now that my tests are complete I was thinking about my next step.
In my use case I have multiple k8s clusters, and I was wondering if I could configure the Kubernetes auth with multiple clusters.
From what I understand you specify a config with the JWT and the Kube endpoint and that’s it.
Is there a way to have multiple configs to enable this kind of workflow?
Cluster A : Vault
Cluster B : My app + vault injector
Cluster C to Z : other apps + injector ?
You can only service one Kubernetes cluster per Kubernetes auth mount. If you want to be able to auth from multiple clusters, you can create multiple auth mounts, e.g.:
You can also use JWT auth instead if you really need multiple clusters per auth mount, but I wouldn’t recommend it unless you have very specific requirements and a large number of clusters leading you that way: OIDC Provider Setup - Auth Methods | Vault by HashiCorp
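The one-mount-per-cluster setup suggested in the answer above, sketched as an added example (not part of the original posts or HashiCorp's documentation). Cluster names, API URLs, file paths, and the `app` role and `app-read` policy are constructed placeholders; with `DRY_RUN=1` the script only prints the `vault` commands.

```shell
#!/bin/sh
# Added example: one Kubernetes auth mount per cluster.
# Cluster names, URLs, file paths, role and policy names are constructed placeholders.
# DRY_RUN=1 (default) prints the vault commands; DRY_RUN=0 runs them against $VAULT_ADDR.
DRY_RUN="${DRY_RUN:-1}"

run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# Mount path used for a given cluster, e.g. kubernetes-cluster-b
mount_path() {
  printf 'kubernetes-%s' "$1"
}

# configure_cluster NAME API_URL
configure_cluster() {
  name="$1"; host="$2"
  path="$(mount_path "$name")"
  # Separate mount per cluster: each one trusts only its own API server and CA.
  run vault auth enable -path="$path" kubernetes
  run vault write "auth/$path/config" \
    kubernetes_host="$host" \
    kubernetes_ca_cert="@certs/$name-ca.crt" \
    token_reviewer_jwt="@tokens/$name-reviewer.jwt"
  # The role lives on this mount only, so a service account from another
  # cluster cannot log in through it.
  run vault write "auth/$path/role/app" \
    bound_service_account_names=app \
    bound_service_account_namespaces=default \
    token_policies=app-read \
    ttl=1h
}

# Pod annotation that points the injector in that cluster at its own mount.
injector_annotation() {
  printf 'vault.hashicorp.com/auth-path: "auth/%s"' "$(mount_path "$1")"
}

configure_cluster cluster-b https://cluster-b.example.internal:6443
configure_cluster cluster-c https://cluster-c.example.internal:6443
injector_annotation cluster-c; echo
```

Each cluster's pods must carry the matching `vault.hashicorp.com/auth-path` annotation, otherwise the injector falls back to the default `auth/kubernetes` mount.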
I also want to realize your function now. I have created multiple auth mounts in a Vault service. But now there is a cluster integration error; have you encountered it? My question