Add comment for OpenShift Vault deployment

Author: ansd

docs/examples/vault-default-user/setup.sh

@@ -11,6 +11,8 @@ vault_exec () {
 echo "Installing Vault server and Vault agent injector..."
 helm repo add hashicorp https://helm.releases.hashicorp.com
 helm repo update
+# For OpenShift deployments, also set the following:
+# --set "global.openshift=true"
 helm install vault hashicorp/vault \
     --version 0.16.1 \
     --set='server.dev.enabled=true' \
@@ -24,7 +26,7 @@ echo "Configuring K8s authentication..."
 # Required so that Vault init container and sidecar of RabbitmqCluster can authenticate with Vault.
 vault_exec "vault auth enable kubernetes"
 
-# In some K8s clusters (e.g. kind), issuer may need to be configured as described in https://www.vaultproject.io/docs/auth/kubernetes#discovering-the-service-account-issuer
+# In Kubernetes 1.21+ clusters, issuer may need to be configured as described in https://www.vaultproject.io/docs/auth/kubernetes#discovering-the-service-account-issuer
 # Otherwise, vault-agent-init container will output "error authenticating".
 # issuer=$(kubectl get --raw=http://127.0.0.1:8001/.well-known/openid-configuration | jq -r .issuer)
 # vault_exec "vault write auth/kubernetes/config issuer=\"$issuer\" token_reviewer_jwt=\"\$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\" kubernetes_host=https://\${KUBERNETES_PORT_443_TCP_ADDR}:443 kubernetes_ca_cert=@/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"