GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects â†’ v6 â†’ super-duper-vault-train

v6 / super-duper-vault-train

Licence: GPL-3.0 License
🚄▼▼▼▼▼▼

Programming Languages

shell
77523 projects
HCL
1544 projects
python
139335 projects - #7 most used programming language
ruby
36898 projects - #4 most used programming language

Labels

vagrantconsulvaultvault-clustercodified-vault-policies

Projects that are alternatives of or similar to super-duper-vault-train

Ansible Vault
🔑 Ansible role for Hashicorp Vault
Stars: ✭ 189 (+894.74%)
Mutual labels:  vagrant, consul, vault
hashicorp-labs
Deploy locally on VM an Hashicorp cluster formed by Vault, Consul and Nomad. Ready for deploying and testing your apps.
Stars: ✭ 32 (+68.42%)
Mutual labels:  vagrant, consul, vault
100 Days Of Go
100 days of Go learning
Stars: ✭ 24 (+26.32%)
Mutual labels:  vagrant, consul, vault
vagrant-vault-consul-docker-monitoring
No description or website provided.
Stars: ✭ 20 (+5.26%)
Mutual labels:  consul, vault
vault-consul-kubernetes
vault + consul on kubernetes
Stars: ✭ 60 (+215.79%)
Mutual labels:  consul, vault
hubble
hubbling the universe nebula by nebula
Stars: ✭ 18 (-5.26%)
Mutual labels:  consul, vault
Learning Tools
A collection of tools and files for learning new technologies
Stars: ✭ 1,287 (+6673.68%)
Mutual labels:  vagrant, consul
docker vault
Docker + Consul + Vault
Stars: ✭ 34 (+78.95%)
Mutual labels:  consul, vault
vault-consul-docker
HashiCorp Vault with Consul backend in Docker
Stars: ✭ 20 (+5.26%)
Mutual labels:  consul, vault
vault-consul-monitoring
Sample project to explore monitoring Vault and Consul with telegraf/influxdb/grafana
Stars: ✭ 52 (+173.68%)
Mutual labels:  consul, vault
vault-consul-swarm
Deploy Vault and Consul with Docker Swarm
Stars: ✭ 20 (+5.26%)
Mutual labels:  consul, vault
hcat
Hashicorp Configuration and Templating library (hcat, pronounced hashicat)
Stars: ✭ 89 (+368.42%)
Mutual labels:  consul, vault
vault-load-testing
Automated load tests for Vault and Consul using the locust.io Python framework
Stars: ✭ 44 (+131.58%)
Mutual labels:  consul, vault
hookpick
A tool to manage some operational concepts of Hashicorp Vault
Stars: ✭ 83 (+336.84%)
Mutual labels:  consul, vault
My Cheat Sheets
A place to keep all my cheat sheets for the complete development of ASIC/FPGA hardware or a software app/service.
Stars: ✭ 94 (+394.74%)
Mutual labels:  vagrant, consul
nomad-box
Nomad Box - Simple Terraform-powered setup to Azure of clustered Consul, Nomad and Traefik Load Balancer that runs Docker/GoLang/Java workloads. NOTE: Only suitable in dev environments at the moment until I learn more Terraform, Consul, Nomad, Vault :P
Stars: ✭ 18 (-5.26%)
Mutual labels:  consul, vault
Hashi Helper
Disaster Recovery and Configuration Management for Consul and Vault
Stars: ✭ 155 (+715.79%)
Mutual labels:  consul, vault
Cault
docker compose for consul and vault official images
Stars: ✭ 157 (+726.32%)
Mutual labels:  consul, vault
offensive-infrastructure
Offensive Infrastructure with Modern Technologies
Stars: ✭ 88 (+363.16%)
Mutual labels:  consul, vault
nomad-demo
Vagrant based demo setup for running Hashicorp Nomad
Stars: ✭ 88 (+363.16%)
Mutual labels:  vagrant, consul
View All Similar Projects âž”

super-duper-vault-train

▼🚄

Target Audience

I wrote this for people who, I assume, already know a little about scripting, Git, configuring new SSH connections, installing software, and Virtual Machines, because these are hard to explain and have much better resources elsewhere.

If you get stuck with the prerequisites, tools to install, or downloading the code, please have a look at the resources on the internet.

Especially for Vagrant, the Getting Started guide takes about 30 minutes once you have Vagrant and Virtualbox installed: https://www.vagrantup.com/intro/getting-started/index.html

If you get an error with Vault working improperly, though, make a Github issue ASAP.

OS-Specific Prerequisites

  • MacOS: OSX 10.13 or later
  • Windows: Windows must have Powershell 3.0 or later. If you're on Windows 7, I recommend Windows Management Framework 4.0, because it's easier to install

Vagrant

Install Tools

  1. Make sure you have Git installed
  2. Install the latest version of Vagrant (NOTE: WINDOWS 7 AND WINDOWS 8 REQUIRE POWERSHELL >= 3)
  3. Install the latest version of VMWare or Virtualbox

Download the Code for this

Related Vendor Documentation Link: https://help.github.com/articles/cloning-a-repository

git clone https://github.com/v6/super-duper-vault-train.git

Use this Code to Make a Vault Cluster

Related Vagrant Vendor Documentation Link: https://www.vagrantup.com/intro/index.html#why-vagrant-

cd super-duper-vault-train
vagrant up ## NOTE: You may have to wait a while for this, and there will be some "connection retry" errors for a long time before a successful connection occurs, because the VM is booting. Make sure you have the latest version, and try the Vagrant getting started guide, too vagrant status
vagrant ssh instance5
After you do this, you'll see your command prompt change to show vagrant@instance5.
You can also vagrant ssh to other VMs listed in the output of vagrant status.

You can now use Vault or Consul from within the VM for which you ran vagrant ssh.

Vault

Explore the Vault Cluster

ps -ef | grep vault ## Check the Vault process (run while inside a Vagrant-managed Instance)
ps -ef | grep consul ## Check the Consul process (run while inside a Vagrant-managed Instance)
vault version ## Output should be Vault v0.10.2 ('3ee0802ed08cb7f4046c2151ec4671a076b76166')
consul version ## Output should show Consul Agent version and Raft Protocol version

The Vagrant boxes have the following IP addresses:

192.168.13.35

192.168.13.36

192.168.13.37

Vault is on port 8200.

Consul is on port 8500.

Click the Links

http://192.168.13.35:8200 (Vault)

http://192.168.13.35:8500 (Consul)

http://192.168.13.36:8200 (Vault)

http://192.168.13.36:8500 (Consul)

http://192.168.13.37:8200 (Vault)

http://192.168.13.37:8500 (Consul)

Start Vault Data

Related Vendor Documentation Link: https://www.vaultproject.io/api/system/init.html

Start Vault.
Run this command on one of the Vagrant-managed VMs, or somewhere on your computer that has curl installed.

    curl -s --request PUT -d '{"secret_shares": 3,"secret_threshold": 2}' http://192.168.13.35:8200/v1/sys/init

Unseal Vault

Related Vendor Documentation Link: https://www.vaultproject.io/api/system/unseal.html

This will unseal the Vault at 192.168.13.35:8200. You can use the same process for 192.168.13.36:8200 and 192.168.13.37:8200.

  1. Use your unseal key to replace the value for key abcd1430890..., and run this on the Vagrant-managed VM.
    curl --request PUT --data '{"key":"abcd12345678..."}' http://192.168.13.35:8200/v1/sys/unseal
  1. Run that curl command again. But use a different value for "key":. Replace efgh2541901... with a different key than you used in the previous step, from the keys you received when running the v1/sys/init endpoint.
    curl --request PUT --data '{"key":"efgh910111213..."}' http://192.168.13.35:8200/v1/sys/unseal

Non-Vagrant

Please refer to the file PRODUCTION_INSTALLATION.md in this repository.

Codified Vault Policies and Configuration

To Provision Vault via its API, please refer to the provision_vault folder.

It has data and scripts.

The data folder's tree corresponds to the HashiCorp Vault API endpoints, similar to the following:

https://www.hashicorp.com/blog/codifying-vault-policies-and-configuration#layout-and-design

You can use the Codified Vault Policies and Configuration with your initial Root token, after initializing and unsealing Vault, to configure Vault quickly via its API.

The .json files inside each folder correspond to the payloads to send to Vault via its API, but there may also be .hcl, .sample, and .sh files for convenience's sake.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].