Continuous Delivery

Credentials manager

HashiCrop Vault

  • Tool for Managing Secrets

Deployment

docker-compose.yml:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
version: '2'

services:
    vault:
      cap_add:
      - IPC_LOCK
      image: sjourdan/vault
      network_mode: host
      dns: 172.17.0.1
      volumes:
        - "$PWD/server.hcl:/config/server.hcl"
      ports:
        - "8200:8200"
      entrypoint:
        - /bin/vault
        - server
        - -config=/config/server.hcl

server.hcl:

1
2
3
4
5
6
7
8
9
10
backend "consul" {
  address = "127.0.0.1:8500"
  path = "vault"
  redirect_addr = "http://192.168.50.104:8200"
}

listener "tcp" {
 address = "0.0.0.0:8200"
 tls_disable = 1
}

Creating tokens

1
vault token-create -policy=name_of_your_recently_created_policy -orphan -period="12h"

Tools

Comments

⬆︎TOP