Set up HashiCorp Vault and Platform Manager

Once you have started all the governance components, you will need to configure the HashiCorp Vault to store Platform Manager secrets to operate your Kafka cluster(s).

Set up the HashiCorp Vault

The steps you need to follow for configuring the HashiCorp Vault are the following

  1. Initialize and Unseal the HashiCorp Vault, follow this documentation

  2. Enable the AppRole Auth Method, follow this documentation

  3. Create the governance Secrets Engine, follow this documentation

  4. Configure Platform Manager policy, follow this documentation

After the above steps, you will have a role-id and secret-id that will be used to configure the Platform Manager

Set up the Platform Manager

Given the role-id and secret-id generated from the previous section,

  1. Edit your values.yaml as follows

    values.yaml
    platform-manager:

  config:

    # Governance Vault Configuration
    governance:
      vault:
        enabled: true
        # -- Define the URI of the Vault
        uri: "http://platform-manager-vault:8200"
        # -- Define the path of the KV Secret in the Vault
        path: "governance"
        # -- RoleID of the platform-manager policy to access the KV Secret
        roleId: "generated-role-id"
        # -- SecretID of the platform-manager policy to access the KV Secret
        secretId: "generated-secret-id"

  2. Upgrade the Axual Governance with your values.yaml

    helm upgrade --install governance axual-stable/axual-governance -v 0.1.0 -f ./values.yaml -n kafka