
Injecting Vault Secrets into Kubernetes Pods via a Sidecar - WestCoastJustin
https://www.hashicorp.com/blog/injecting-vault-secrets-into-kubernetes-pods-via-a-sidecar
======
gravypod
I don't know much about Vault aside from it being used for secrets management.
What is the use case, outside of already using Hashicorp stuff, of Vault where
it makes sense to use?

Also, is there a benefit of using a sidecar here over building a controller
that reads from Vault and creates Secrets in the k8s api?

~~~
aliswe
Dunno how this was done before, but its nice to access secrets in a vendor
agnostic way (mounted files)

~~~
gravypod
That's a feature of Kube Secrets. They can be mounted on the fs just like
ConfigMaps.

~~~
aliswe
Yeah, but my point is that secrets coming from "Vault" specifically are nice
to have integrated into that functionality. Dunno how that was done before.

