Continuous Delivery

Credentials manager

HashiCorp Vault

  • Tool for Managing Secrets

Deployment

docker-compose.yml:

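# Single Vault server container, configured from ./server.hcl.
# Nesting restored: `vault` is a service under `services`, and the keys
# below it are that service's options.
version: '2'

services:
  vault:
    # IPC_LOCK lets Vault mlock() its memory so secrets are not swapped
    # to disk.
    cap_add:
      - IPC_LOCK
    # Community image with no tag, so it resolves to `latest` at pull time.
    # For a secrets store, pin a tag or digest you have verified.
    image: sjourdan/vault
    # Host networking: the container shares the host's network stack, so
    # the listener address in server.hcl alone decides which interfaces
    # expose the Vault API.
    network_mode: host
    dns: 172.17.0.1
    # Vault only reads this file; mounting it read-only would be a
    # reasonable hardening.
    volumes:
      - "$PWD/server.hcl:/config/server.hcl"
    # Port publishing does not apply under host networking (some Compose
    # releases warn about or reject the combination); kept as a record of
    # the API port.
    ports:
      - "8200:8200"
    entrypoint:
      - /bin/vault
      - server
      - -config=/config/server.hcl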

server.hcl:

# Storage backend: Vault keeps its data in Consul under the "vault" path,
# reaching the Consul agent on loopback (this works because the compose
# file on this page runs the container with host networking).
# No Consul ACL token is set here; anyone who can write to this Consul
# path can delete or tamper with Vault's stored data — confirm how Consul
# access is restricted.
backend "consul" {
  address = "127.0.0.1:8500"
  path = "vault"
  # Address advertised for client redirects. The http:// scheme matches the
  # TLS-disabled listener in this file; it has to become https:// once TLS
  # is enabled.
  redirect_addr = "http://192.168.50.104:8200"
}

# API listener. As written it binds every interface and serves plain HTTP,
# so Vault tokens and secret values cross the network unencrypted.
# Acceptable only on an isolated lab host; otherwise bind to a specific
# address and enable TLS, e.g. (placeholder paths):
#   tls_cert_file = "/path/to/vault-cert.pem"
#   tls_key_file  = "/path/to/vault-key.pem"
listener "tcp" {
  # 0.0.0.0 = all interfaces of the host, since the container uses host
  # networking in the compose file on this page.
  address = "0.0.0.0:8200"
  # 1 turns TLS off for this listener.
  tls_disable = 1
}

Creating tokens

# Legacy CLI spelling; newer Vault releases use `vault token create`.
# -orphan: the token has no parent, so revoking the creator's token does
#   not revoke it. Creating orphans needs elevated privileges.
# -period="12h": periodic token; each renewal resets the TTL to 12h and
#   there is no maximum lifetime, so it lives until explicitly revoked or
#   left unrenewed.
# Keep the attached policy narrow and record the token accessor so the
# token can be found and revoked later.
vault token-create -policy=name_of_your_recently_created_policy -orphan -period="12h"

Tools
