From 8a7d4ee09232824d4b85813143b58e2ddaed0336 Mon Sep 17 00:00:00 2001
From: "Cobb, Randy"
Date: Tue, 10 Apr 2018 11:41:50 -0700
Subject: [PATCH] Latest pull request changes made:
- refactored the config mechanism to use a template
- added all supported backend storage engines
- added a scale option to spin up an entire cluster at once
- various other typo fixes
---
 templates/vault/0/README.md | 21 ++++++++-----------
 templates/vault/0/docker-compose.yml.tpl | 18 ++++++++--------
 templates/vault/0/rancher-compose.yml | 26 ++++++++++++++----------
 3 files changed, 33 insertions(+), 32 deletions(-)
diff --git a/templates/vault/0/README.md b/templates/vault/0/README.md
index 592a8a1..4dd28ba 100644
--- a/templates/vault/0/README.md
+++ b/templates/vault/0/README.md
@@ -13,23 +13,20 @@ This catalog item uses these two main containers:
 ## Deployment:
 1. Select the catalog item and choose a version from the drop-down box
 2. Adjust any values on the page to meet your needs.
-3. Make any adjustments to the default config provided, such as:
- * A different backend than the Consul server specified.
- * Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself.
-4. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION
-5. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more.
-6. Enjoy!
+3. Select a backend type and specify values specific to that type (i.e.: for Consul: "address":"SERVICE:8500","path":"myNewVault"
+4. Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself.
+5. Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION
+6. Specify how many vault servers you want in your cluster (You'll always only get only 1 load balancer)
+6. Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more.
+7. Enjoy!
 ## Backend Configuration
-This field is for specifying your backend configuration values. You enter them in a name=value pair format with each separate element being on its own line. For example:
+This field is for specifying your backend configuration values. You enter them in a name=value pair format just as you would in a Vault configuration file; with each separate element being on its own line.
 For example:
 ```
-address = "http://locahost:2379"
-etcd_api = "v3"
+"address": "http://locahost:2379","etcd_api": "v3"
 ```
 would be a valid configuration for Etcd and
 ```
-access_key = "abcd1234"
-secret_key = "defg5678"
-bucket = "my-bucket"
+"access_key": "abcd1234","secret_key": "defg5678","bucket": "my-bucket"
 ```
 would be valid for Amazon S3 buckets.
diff --git a/templates/vault/0/docker-compose.yml.tpl b/templates/vault/0/docker-compose.yml.tpl
index 0584a06..1febc56 100755
--- a/templates/vault/0/docker-compose.yml.tpl
+++ b/templates/vault/0/docker-compose.yml.tpl
@@ -11,25 +11,25 @@ services:
 - ${VAULT_LISTEN_PORT}:8200/tcp
 - ${VAULT_CLUSTER_PORT}:8201/tcp
 labels:
-{{- if .Values.HOST_LABEL }}
- io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
-{{- end }}
 io.rancher.container.agent.role: environmentAdmin,agent
 io.rancher.container.agent_service.drain_provider: 'true'
 io.rancher.container.create_agent: 'true'
+{{- if .Values.HOST_LABEL }}
+ io.rancher.scheduler.affinity:host_label: ${HOST_LABEL}
+{{- end }}
 vault:
+ image: vault:0.9.6
 cap_add:
 - IPC_LOCK
- image: vault:0.9.6
+{{- if .Values.VAULT_BACKEND }}
+ external_links:
+ - ${BACKEND_SERVICE}:SERVICE
+{{- end }}
 environment:
 VAULT_REDIRECT_INTERFACE: "eth0"
 VAULT_CLUSTER_INTERFACE: "eth0"
 VAULT_LOCAL_CONFIG: |
- { "backend": "{{.Values.VAULT_BACKEND}}": { {{.Values.BACKEND_CONFIGURATION}} },"listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}}, "cluster_name":"{{.Values.VAULT_CLUSTER_NAME}}" }
-{{- if .Values.VAULT_BACKEND }}
- external_links:
- - ${VAULT_BACKEND}:SERVICE
-{{- end }}
+ { "storage":{"{{.Values.VAULT_BACKEND}}":{ {{.Values.BACKEND_CONFIGURATION}} }},"listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}},"cluster_name":"{{.Values.VAULT_CLUSTER_NAME}}"}
 volumes:
 - vault-file:/vault/file
 - vault-config:/vault/config
diff --git a/templates/vault/0/rancher-compose.yml b/templates/vault/0/rancher-compose.yml
index 272fd41..9168365 100755
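Review bot: The `{{- if .Values.VAULT_BACKEND }}` guard around the new `external_links` entry tests the backend type rather than the service being linked, so for a backend that needs no service (the `file` and `inmem` options listed in rancher-compose.yml) the link is still rendered with `BACKEND_SERVICE` at its `"select"` default, which is not a service name; if VAULT_BACKEND is always populated from the option list, the guard never skips the block. `{{- if .Values.BACKEND_SERVICE }}`, provided the `"select"` placeholder does not reach the template, or an explicit check for the service-backed types, would match the intent. Separately, `BACKEND_CONFIGURATION` is spliced verbatim into the `VAULT_LOCAL_CONFIG` environment variable: a malformed fragment only surfaces when Vault parses its config at container start, and for backends such as S3 the README's examples put access and secret keys into that value, which then lives in the container environment and is readable to anything that can inspect the container. Rendering the config into the `vault-config` volume instead would keep credentials out of the environment. The parent `services:` mapping begins above the hunk.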
--- a/templates/vault/0/rancher-compose.yml
+++ b/templates/vault/0/rancher-compose.yml
@@ -13,10 +13,6 @@ catalog:
 type: string
 default: myCluster
 required: true
- - variable: VAULT_BACKEND
- label: Backend for Vault
- description: |
- Provide the backend engine for Vault (i.e., Consul, File, etc.)
 - variable: VAULT_LISTEN_PORT
 label: Vault Listen Port
 description: |
@@ -45,7 +41,7 @@ catalog:
 - couchdb
 - dynamodb
 - etcd
- - filesystem
+ - file
 - gcs
 - inmem
 - manta
@@ -59,22 +55,30 @@ catalog:
 - variable: BACKEND_SERVICE
 label: Specify the Backend service to connect to
 description: |
- The pre-installed Backend server to back to. To reference, you can use the memory variable "$SERVICE" in your URLs. For example: "consul://$SERVICE:8500"
+ The pre-installed Backend server to back to. To reference, you can use the memory variable "SERVICE" in your URLs. For example: "consul://SERVICE:8500"
 default: "select"
 type: service
 - variable: BACKEND_CONFIGURATION
- label: Specify the backend configuration in name=value format
- default: "path=\"/mnt/vault/data\""
+ label: Specify the backend configuration in valid JSON format
+ default: |
+ "path":"/mnt/vault/data"
 required: true
 description: |
- Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) put each item on a separate line
- type: multiline
+ Enter the configuration block for the backend (Refer to Vault documentation for valid backend configuration elements) in JSON format
+ type: string
 - variable: HOST_LABEL
 label: Optional Host label to bind LoadBalancer to
 description: |
 If you wish to bind your LoadBalancer to a specific host node, you can specify the label and value here in name=value pair format
 default: "lbhost=true"
 type: string
+ - variable: CLUSTER_SCALE
+ label: How many Vault servers do you want in your cluster?
+ description: |
+ Select the number of VAULT servers you want to set up in your cluster
+ default: 1
+ type: int
+ required: true
 - variable: VOLUME_DRIVER
 label: Driver for volumes
 description: |
@@ -112,5 +116,5 @@ services:
 interval: 2000
 reinitializing_timeout: 60000
 vault:
- scale: 1
+ scale: ${CLUSTER_SCALE}
 start_on_create: true
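Review bot: `default: |` for BACKEND_CONFIGURATION keeps a trailing newline in the value, and docker-compose.yml.tpl substitutes that value into the middle of the single-line `VAULT_LOCAL_CONFIG` block scalar; if the substitution is textual, the rest of the JSON lands on a new unindented line and the rendered YAML block scalar ends early, so Vault receives a truncated config. `default: |-` or a plain quoted string, `default: '"path":"/mnt/vault/data"'`, avoids the newline. The question is also now `type: string` while the README in this same commit still says each element goes on its own line, so one of the two should be reconciled. The enclosing `catalog:` question list starts above the hunk.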
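Review bot: `scale: ${CLUSTER_SCALE}` applies regardless of the backend chosen, but the `file` and `inmem` storage types offered in the option list do not support Vault's HA mode, and every vault replica mounts the same named `vault-file` volume from docker-compose.yml.tpl, so a value above 1 with those backends yields either replicas contending for one data directory or independent Vaults behind a single load balancer, depending on how the volume driver handles scaled services. The CLUSTER_SCALE description should state that values above 1 require an HA-capable backend such as Consul, or the template should keep `scale: 1` for the non-HA types. The `services:` mapping starts above the hunk.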