Date: Fri, 25 Nov 2022 09:30:00 -0500
<p>Bret is joined by Rosemary Wang from HashiCorp to show off Vault for Kubernetes, an an open source secrets provider.</p><p>Rosemary is a return guest and does her usual fantastic job at explaining the complex topics around storing secrets, who needs Vault and why, running Vault on Kubernetes, the Vault storage backend and so much more.</p><p>Streamed live on YouTube on September 29, 2022. Includes demos.</p><p><br /><strong>Unedited </strong><a href="https://youtu.be/HN0Qugly3bQ"><strong>live recording</strong></a><strong> of this show on YouTube (Ep #186)</strong></p><p><br />★<strong>Topics★<br /></strong><a href="https://www.vaultproject.io/">Vault website</a><br /><a href="https://cloud.hashicorp.com/">HashiCorp Cloud</a><br /><a href="https://thesecretlivesofdata.com/raft/">Raft storage for Vault</a>, how Raft works<br />Example repo: <a href="https://github.com/hashicorp-dev-advocates/workshop-vault-for-developers">HashiCorp Vault for Development Teams</a></p><p>★<strong>Rosemary Wang★<br /></strong><a href="https://twitter.com/joatmon08">Rosemary on Twitter</a><br /><a href="https://www.linkedin.com/in/rosemarywang/">Rosemary on Linkedin</a></p><p>★<strong>Join my Community</strong>★<br />Best coupons for my <a href="https://www.bretfisher.com/courses"><strong>Docker and Kubernetes courses</strong></a><br />Chat with us and fellow students on our Discord Server <a href="https://devops.fan/"><strong>DevOps Fans</strong></a></p><p>Homepage <a href="https://bretfisher.com/"><strong>bretfisher.com</strong></a></p> <ul> <li>(00:00) - DDT MAIN</li> <li>(00:04) - Intro</li> <li>(00:54) - Bret intro</li> <li>(01:36) - Main show</li> <li>(01:52) - Course updates</li> <li>(02:12) - Introductions</li> <li>(03:15) - Today's Topic</li> <li>(04:24) - Anyone who doesn't need secret management?</li> <li>(07:13) - Elevator pitch for Vault</li> <li>(09:22) - Handling Rotation and Exit Strategies</li> <li>(11:49) - When do I need Vault?</li> <li>(14:35) - Question about Aquilas</li> <li>(14:54) - Vault is open source</li> <li>(16:50) - We ain't got time for that</li> <li>(17:41) - Can I run Vault on Kubernetes?</li> <li>(18:39) - Question: Where are Secrets Stored?</li> <li>(19:59) - Raft all the things</li> <li>(21:19) - Question: Vault and SSL Certificates</li> <li>(22:31) - Question and Demo</li> <li>(22:56) - Demo intro</li> <li>(23:26) - Demo</li> <li>(23:27) - Question about HSMs</li> <li>(23:50) - Question</li> <li>(24:44) - Question about Unsealed Tokens</li> <li>(27:18) - Question</li> <li>(29:42) - Bret's First Question about Toil</li> <li>(36:33) - Question: Password Managers and Vault</li> <li>(39:44) - Question</li> <li>(41:05) - Question</li> <li>(43:38) - Notes about Vault Agent Sidecar and Authentication</li> <li>(45:15) - Bret's Summary</li> <li>(48:48) - Question about Getting Started</li> <li>(49:44) - Starting with Sealed Secrets</li> <li>(52:30) - Wrap up</li> <li>(53:06) - Getting in touch with Rosemary</li> <li>(53:43) - What's next for Rosemary?</li> <li>(54:31) - Outro</li> </ul> <br /><p><strong>Support this show and get exclusive benefits on </strong><a href="https://patreon.com/BretFisher"><strong>Patreon</strong></a><strong>, </strong><a href="https://www.youtube.com/@BretFisher"><strong>YouTube</strong></a><strong>, or </strong><a href="https://www.bretfisher.com/"><strong>bretfisher.com</strong></a><strong>!</strong></p>
