Kubernetes is designed to be configurable and extendable for various types of users and their use cases. It is not intended to be secure out of the box. Here's how to secure your Kubernetes cluster
This would depend on how you would want to use Vault.
If you want to use vault as a central secret manager for services within your cluster and outside your cluster, then I can see the reason for deploying vault as a standalone service.
However, if you want vault to be managing secret wishing your cluster, it would be better to deploy Vault inside the cluster.
Either way, my advice would be to run Vault in your kubernetes cluster.
i am running a k8s environment, i want to use Vault for secret management. which will you recommend;
a. run vault on k8s
b. run vault on stand alone server and pull from it to k8s
This would depend on how you would want to use Vault.
If you want to use vault as a central secret manager for services within your cluster and outside your cluster, then I can see the reason for deploying vault as a standalone service.
However, if you want vault to be managing secret wishing your cluster, it would be better to deploy Vault inside the cluster.
Either way, my advice would be to run Vault in your kubernetes cluster.