Latest pull request changes made:

- refactored the config mechanism to use a template - added all supported backend storage engines - added a scale option to spin up an entire cluster at once - various other typo fixes
2018-04-10 11:41:50 -07:00 · 2018-04-10 11:41:50 -07:00 · 8a7d4ee092
commit 8a7d4ee092
parent d1d4152b1b
3 changed files with 33 additions and 32 deletions
--- a/templates/vault/0/README.md
+++ b/templates/vault/0/README.md
@ -13,23 +13,20 @@ This catalog item uses these two main containers:
 ## Deployment:
 1. Select the catalog item and choose a version from the drop-down box
 2. Adjust any values on the page to meet your needs.
-3. Make any adjustments to the default config provided, such as:
-   * A different backend than the Consul server specified.
-   * Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself.
-4. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION
-5. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more.
-6. Enjoy!
+3. Select a backend type and specify values specific to that type (i.e.: for Consul: "address":"SERVICE:8500","path":"myNewVault"
+4. Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself.
+5. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION
+6. Specify how many vault servers you want in your cluster (You'll always only get only 1 load balancer)
+6. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more.
+7. Enjoy!

 ## Backend Configuration
-This field is for specifying your backend configuration values.  You enter them in a name=value pair format with each separate element being on its own line.  For example:
+This field is for specifying your backend configuration values.  You enter them in a name=value pair format just as you would in a Vault configuration file; with each separate element being on its own line.  For example:
 ```
-address = "http://locahost:2379"
-etcd_api = "v3"
+"address": "http://locahost:2379","etcd_api": "v3"
 ```
 would be a valid configuration for Etcd and
 ```
-access_key = "abcd1234"
-secret_key = "defg5678"
-bucket     = "my-bucket"
+"access_key": "abcd1234","secret_key": "defg5678","bucket": "my-bucket"
 ```
 would be valid for Amazon S3 buckets.
--- a/templates/vault/0/docker-compose.yml.tpl
+++ b/templates/vault/0/docker-compose.yml.tpl
@ -11,25 +11,25 @@ services:
    - ${VAULT_LISTEN_PORT}:8200/tcp
    - ${VAULT_CLUSTER_PORT}:8201/tcp
    labels:
-{{- if .Values.HOST_LABEL }}
-      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
-{{- end }}
      io.rancher.container.agent.role: environmentAdmin,agent
      io.rancher.container.agent_service.drain_provider: 'true'
      io.rancher.container.create_agent: 'true'
+{{- if .Values.HOST_LABEL }}
+      io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
+{{- end }}
  vault:
+    image: vault:0.9.6
    cap_add:
    - IPC_LOCK
-    image: vault:0.9.6
+{{- if .Values.VAULT_BACKEND }}
+    external_links:
+    - ${BACKEND_SERVICE}:SERVICE
+{{- end }}
    environment:
      VAULT_REDIRECT_INTERFACE: "eth0"
      VAULT_CLUSTER_INTERFACE: "eth0"
      VAULT_LOCAL_CONFIG: |
-        { "backend": "{{.Values.VAULT_BACKEND}}": { {{.Values.BACKEND_CONFIGURATION}} },"listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}}, "cluster_name":"{{.Values.VAULT_CLUSTER_NAME}}" }
-{{- if .Values.VAULT_BACKEND }}
-    external_links:
-    - ${VAULT_BACKEND}:SERVICE
-{{- end }}
+        { "storage":{"{{.Values.VAULT_BACKEND}}":{ {{.Values.BACKEND_CONFIGURATION}} }},"listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}},"cluster_name":"{{.Values.VAULT_CLUSTER_NAME}}"}
    volumes:
    - vault-file:/vault/file
    - vault-config:/vault/config
--- a/templates/vault/0/rancher-compose.yml
+++ b/templates/vault/0/rancher-compose.yml
@ -13,10 +13,6 @@ catalog:
      type: string
      default: myCluster
      required: true
-    - variable: VAULT_BACKEND
-      label: Backend for Vault
-      description: |
-        Provide the backend engine for Vault (i.e., Consul, File, etc.)
    - variable: VAULT_LISTEN_PORT
      label: Vault Listen Port
      description: |
@ -45,7 +41,7 @@ catalog:
        - couchdb
        - dynamodb
        - etcd
-        - filesystem
+        - file
        - gcs
        - inmem
        - manta
@ -59,22 +55,30 @@ catalog:
    - variable: BACKEND_SERVICE
      label: Specify the Backend service to connect to
      description: |
-        The pre-installed Backend server to back to.  To reference, you can use the memory variable "$SERVICE" in your URLs.  For example: "consul://$SERVICE:8500"
+        The pre-installed Backend server to back to.  To reference, you can use the memory variable "SERVICE" in your URLs.  For example: "consul://SERVICE:8500"
      default: "select"
      type: service
    - variable: BACKEND_CONFIGURATION
-      label: Specify the backend configuration in name=value format
-      default: "path=\"/mnt/vault/data\""
+      label: Specify the backend configuration in valid JSON format
+      default: |
+        "path":"/mnt/vault/data"
      required: true
      description: |
-        Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) put each item on a separate line
-      type: multiline
+        Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) in JSON format
+      type: string
    - variable: HOST_LABEL
      label: Optional Host label to bind LoadBalancer to
      description: |
        If you wish to bind your LoadBalancer to a specific host node, you can specify the label and value here in name=value pair format
      default: "lbhost=true"
      type: string
+    - variable: CLUSTER_SCALE
+      label: How many Vault servers do you want in your cluster?
+      description: |
+        Select the number of VAULT servers you want to set up in your cluster
+      default: 1
+      type: int
+      required: true
    - variable: VOLUME_DRIVER
      label: Driver for volumes
      description: |
@ -112,5 +116,5 @@ services:
      interval: 2000
      reinitializing_timeout: 60000
  vault:
-    scale: 1
+    scale: ${CLUSTER_SCALE}
    start_on_create: true