27a4f2b934
- refactored the config mechanism to use a template - added all supported backend storage engines - added a scale option to spin up an entire cluster at once - various other typo fixes
1.9 KiB
Vault
Info:
This template deploys a Hashicorp Vault server along with a Rancher LoadBalancer. Once it is deployed, you will have a working Vault server ready to be scaled up to meet your environment's needs.
The template is designed to be flexible in how you configure it; you can either statically bind Vault to an existing Consul stack, or ignore Consul all together and paste in your own Vault configuration.
This catalog item uses these two main containers:
- Vault - The official Hashicorp Vault image
- Rancher LoadBalancer - Rancher's own official HAProxy load balancer
Deployment:
- Select the catalog item and choose a version from the drop-down box
- Adjust any values on the page to meet your needs.
- Make any adjustments to the default config provided, such as:
- A different backend than the Consul server specified.
- Different ports to listen on (NOTE: Vault ALWAYS listens on port 8200, but you can adjust the LoadBalancer ports to any that are acceptable to your environment; the LoadBalancer handles routing between the port you specify and port 8200 (and 8201) in Vault itself.
- Specify the Volume Driver for pesistent mounting of Vault's FILE backing store, and CONFIGURATION
- Finally, once the stack is up, you can use your normal Vault process to init, unseal, and more.
- Enjoy!
Backend Configuration
This field is for specifying your backend configuration options. You enter them in a JSON key:value pair format just as you would in a JSON Vault configuration file; with each separate element being comma-delimited. For example:
"address":"http://locahost:2379","etcd_api":"v3"
would be a valid configuration for Etcd and
"access_key":"abcd1234","secret_key":"defg5678","bucket":"my-bucket"
would be valid for Amazon S3 buckets.:w