backport of commit 5bc40d1 (#17169)

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
hashicorp · Sep 16, 2022 · 31b7a0f · 31b7a0f
1 parent c304d68
commit 31b7a0f
Showing 1 changed file with 23 additions and 1 deletion.
diff --git a/website/content/docs/platform/k8s/injector/annotations.mdx b/website/content/docs/platform/k8s/injector/annotations.mdx
@@ -28,7 +28,7 @@ them, optional commands to run, etc.
 
 - `vault.hashicorp.com/agent-image` - name of the Vault docker image to use. This
   value overrides the default image configured in the injector and is usually
-  not needed. Defaults to `hashicorp/vault:1.11.1`.
+  not needed. Defaults to `hashicorp/vault:1.11.3`.
 
 - `vault.hashicorp.com/agent-init-first` - configures the pod to run the Vault Agent
   init container first if `true` (last if `false`). This is useful when other init
@@ -119,6 +119,13 @@ them, optional commands to run, etc.
   Agent containers. Defaults to `128Mi`. Setting this to an empty string disables
   memory limits.
 
+- `vault.hashicorp.com/agent-limits-ephemeral` - configures the ephemeral
+  storage limit on the Vault Agent containers. Defaults to `128Mi`. Setting this
+  to an empty string disables ephemeral storage limits. Also available as a
+  command-line option (`-ephemeral-storage-limit`) or environment variable
+  (`AGENT_INJECT_EPHEMERAL_LIMIT`) to set the default for all injected Agent
+  containers.
+
 - `vault.hashicorp.com/agent-requests-cpu` - configures the CPU requests on the
   Vault Agent containers. Defaults to `250m`. Setting this to an empty string disables
   CPU requests.
@@ -127,6 +134,14 @@ them, optional commands to run, etc.
   Vault Agent containers. Defaults to `64Mi`. Setting this to an empty string disables
   memory requests.
 
+- `vault.hashicorp.com/agent-requests-ephemeral` - configures the ephemeral
+  storage requests on the Vault Agent Containers. Defaults to `64Mi`. Setting
+  this to an empty string disables ephemeral storage requests (and will default
+  to the ephemeral limit if set). Also available as a command-line option
+  (`-ephemeral-storage-request`) or environment variable
+  (`AGENT_INJECT_EPHEMERAL_REQUEST`) to set the default for all injected Agent
+  containers.
+
 - `vault.hashicorp.com/agent-revoke-on-shutdown` - configures whether the sidecar
   will revoke it's own token before shutting down. This setting will only be applied
   to the Vault Agent sidecar container. This should be set to a `true` or `false`
@@ -281,3 +296,10 @@ etc.
   (`-disable-idle-connections`) or environment variable
   (`AGENT_INJECT_DISABLE_IDLE_CONNECTIONS`) to set the default for all injected
   Agents.
+
+- `vault.hashicorp.com/agent-disable-keep-alives` - Comma-separated [list of
+  Vault Agent features](/docs/agent#disable_keep_alives) where keep-alives
+  should be disabled. Also available as a command-line option
+  (`-disable-keep-alives`) or environment variable
+  (`AGENT_INJECT_DISABLE_KEEP_ALIVES`) to set the default for all injected
+  Agents.