»Installing the Vault CSI Provider

The Vault Helm chart is the recommended way to install and configure the Vault CSI Provider in Kubernetes.

To install a new instance of Vault and the Vault CSI Provider, first add the HashiCorp helm repository and ensure you have access to the chart:

$ helm repo add hashicorp https://helm.releases.hashicorp.com
"hashicorp" has been added to your repositories

$ helm search repo hashicorp/vault
hashicorp/vault 0.10.0          1.7.0       Official HashiCorp Vault Chart

Then install the chart and enable the CSI feature by setting the csi.enabled value to true:

# Note: this will also install the Vault server and Agent Injector.
helm install vault hashicorp/vault --set="csi.enabled=true"

Upgrades may be performed with helm upgrade on an existing install. Please always run Helm with --dry-run before any install or upgrade to verify changes.

You can see all the available values settings by running helm inspect values hashicorp/vault or by reading the Vault Helm Configuration Docs. Commonly used values in the Helm chart include limiting the namespaces the Vault CSI Provider runs in, TLS options and more.