We’re currently exploring the usage of secrets-bridge with Vault. The advisable architecture can be found here.
Regarding this architecture we have a few questions:
- should Vault be running:
- in Rancher and if so:
- should it be running on it’s own Rancher server;
- can be run on the same one, but in a another environment;
- outside Rancher, in another managed environment;
- should secrets-bridge be running:
- on another environment, within the same Rancher server;
- on it’s own Rancher server.
What is advisable and why?