External Secrets Operator (ESO) Installation

External Secrets Operator (ESO) is a Secret Syncing from Vault to Kubernetes Cluster as Kubernetes Secret Resource Utility

External Secrets Operator (ESO) can have multiple instances dedicated to each of Workload Type Kubernetes Cluster.

Pre-Installation

ESO Preparation

Create Helm Value Configurations

cat <<EOF > $HOME/opstella-installation/helm-values/eso-full-values.yaml
leaderElec: true
installCRDs: true

EOF

Installation

Add ESO Helm Repository.

# Add Helm Repository
helm repo add external-secrets-operator https://charts.external-secrets.io/
helm repo update

Connect to Kubernetes Cluster ; i.e w/ Kubeconfig File

Set Kubeconfig File
Terminal window
```
export KUBECONFIG="$HOME/opstella-installation/kubeconfigs/CHANGEME_cluster.yaml"
```

Install ESO on Kubernetes Cluster.

Install a Helm Release with specific Helm Chart Version --version 0.19.2 (App Version: v0.19.2)

# Install ESO Helm Release
helm install external-secrets-operator external-secrets-operator/external-secrets --version 0.19.2 \
    --namespace devsecops-system \
    -f $HOME/opstella-installation/helm-values/eso-full-values.yaml

Post-Installation

External Secrets Operator (ESO) Testing

Connect to Kubernetes Cluster ; i.e w/ Kubeconfig File

Set Kubeconfig File
Terminal window
```
export KUBECONFIG="$HOME/opstella-installation/kubeconfigs/CHANGEME_cluster.yaml"
```

Get Pod Status - External Secret Operator (ESO)

kubectl get pods -n devsecops-system

External Secret Operator (ESO) should be `Running

NAME                   READY   STATUS    RESTARTS   AGE
... (deducted)
external-secret-operator-external-secrets-XXXXXXX-YYYY            1/1     Running   0          XdXh
external-secret-operator-external-secrets-cert-controller-YYYYY   1/1     Running   0          XdXh
external-secret-operator-external-secrets-webhook-XXXXXXXXX       1/1     Running   0          XdXh

Finished?

Use the below navigation to proceed