From 27a4f2b934de0a7fd3298a572380096a6f135ef5 Mon Sep 17 00:00:00 2001 From: "Cobb, Randy" Date: Tue, 10 Apr 2018 15:21:27 -0700 Subject: [PATCH] Latest pull request changes made: - refactored the config mechanism to use a template - added all supported backend storage engines - added a scale option to spin up an entire cluster at once - various other typo fixes --- templates/vault/0/README.md | 21 +++++++++++---------- templates/vault/0/rancher-compose.yml | 4 ++-- 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/templates/vault/0/README.md b/templates/vault/0/README.md index 4dd28ba..89ab0ec 100644 --- a/templates/vault/0/README.md +++ b/templates/vault/0/README.md @@ -13,20 +13,21 @@ This catalog item uses these two main containers: ## Deployment: 1. Select the catalog item and choose a version from the drop-down box 2. Adjust any values on the page to meet your needs. -3. Select a backend type and specify values specific to that type (i.e.: for Consul: "address":"SERVICE:8500","path":"myNewVault" -4. Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself. -5. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION -6. Specify how many vault servers you want in your cluster (You'll always only get only 1 load balancer) -6. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more. -7. Enjoy! +3. Make any adjustments to the default config provided, such as: + * A different backend than the Consul server specified. + * Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself. +4. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION +5. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more. +6. Enjoy! ## Backend Configuration -This field is for specifying your backend configuration values. You enter them in a name=value pair format just as you would in a Vault configuration file; with each separate element being on its own line. For example: +This field is for specifying your backend configuration options. You enter them in a JSON key:value pair format just as you would in a JSON Vault configuration file; with each separate element being comma-delimited. For example: ``` -"address": "http://locahost:2379","etcd_api": "v3" +"address":"http://locahost:2379","etcd_api":"v3" ``` would be a valid configuration for Etcd and ``` -"access_key": "abcd1234","secret_key": "defg5678","bucket": "my-bucket" +"access_key":"abcd1234","secret_key":"defg5678","bucket":"my-bucket" ``` -would be valid for Amazon S3 buckets. +would be valid for Amazon S3 buckets.:w + diff --git a/templates/vault/0/rancher-compose.yml b/templates/vault/0/rancher-compose.yml index 9168365..4fca705 100755 --- a/templates/vault/0/rancher-compose.yml +++ b/templates/vault/0/rancher-compose.yml @@ -31,7 +31,7 @@ catalog: label: Select a backend for Vault description: | Vault supports several different backend storage engines. Please select the one you are interested in using. (NOTE: Must be pre-installed or added to a different stack) - default: Filesystem + default: file type: enum required: true options: @@ -61,7 +61,7 @@ catalog: - variable: BACKEND_CONFIGURATION label: Specify the backend configuration in valid JSON format default: | - "path":"/mnt/vault/data" + "path":"/vault/file" required: true description: | Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) in JSON format