Tags: vault consul install

November 12th 2018

In this post, we will Install Vault on Ubuntu 18.04. Vault is an awesome solution to storing secrets for your application stack.

Getting Started

We will install Vault on Ubuntu 18.04 as a standalone server. We will also configure Consul to run on the same server and act as a storage backend for our Vault instance.

A New Era of Gaming: Nvidia's Revolut…
Understanding the Software and Apps o…
Crafting Stability: A Comprehensive G…
Langtang Village Before And After Ear…
Playing defence on the carbon tax has…

Prerequisites

To get started, I created a new virtual machine with 8 vCPUs, 2 GB of memory and 40 GB of hard drive space.

Next, install a fresh copy of Ubuntu 18.04.1.

After it reboots and comes back up, install all the updates and reboot again for the new kernel to take effect.

apt update && apt upgrade -y
reboot

After it is finished rebooting we need to install unzip.

sudo su -
apt install unzip -y

We are now ready to begin installing Consul and Vault.

Installing Consul

We are installing Consul locally so that it will act as our storage backend for Vault.

If you already have a full Consul cluster use that instead.

If you want to install a full Consul cluster then follow my article INSTALL CONSUL ON UBUNTU.

To install locally, first go to the Consul downloads page. Right-click the link for Linux 64-bit and select ‘copy link address’ or whatever the similar option is for your browser.

Back on your Vault server use wget and the URL you copied to download the Consul binaries.

wget https://releases.hashicorp.com/consul/1.3.0/consul_1.3.0_linux_amd64.zip

Next unzip it and move it to a better home.

unzip consul_1.3.0_linux_amd64.zip
mv consul /usr/bin

Next, we want to run Consul as a service so we need to configure a SystemD service for Consul.

Create /etc/systemd/system/consul.service and add the following contents.

[Unit]
Description=Consul
Documentation=https://www.consul.io/

[Service]
ExecStart=/usr/bin/consul agent -server -ui -data-dir=/tmp/consul -bootstrap-expect=1 -node=vault -bind=192.168.1.28 -config-dir=/etc/consul.d/
ExecReload=/bin/kill -HUP $MAINPID
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

Make sure to update the node value and the bind ip address to match the virtual machine you created.

Save the file and exit.

Next we need to add some configuration so that we can access the Consul GUI from our network.

First, make the configuration directory.

mkdir /etc/consul.d/

Next, create a new file /etc/consul.d/ui.json and add the following contents.

{
  "addresses": {
    "http": "0.0.0.0"
  }
}

Save the file and exit.

Now we are ready to start the Consul Service.

systemctl daemon-reload
systemctl start consul
systemctl enable consul

Verify that our Consul Service is running.

root@vault:~# consul members
Node   Address            Status  Type    Build  Protocol  DC   Segment
vault  192.168.1.28:8301  alive   server  1.3.0  2         dc1

Now that we have Consul running we can install Vault on Ubuntu 18.04.

Install Vault

We will be installing Vault in much the same way we installed Consul.

First, go to the Vault Downloads page and copy the URL just like we did for Consul.

Again, use wget to download the zip file.

wget https://releases.hashicorp.com/vault/0.11.4/vault_0.11.4_linux_amd64.zip

Unzip the file.

unzip vault_0.11.4_linux_amd64.zip

Move the binary to a better home.

mv vault /usr/bin

Create a configuration directory /etc/vault

mkdir /etc/vault

Create a new file /etc/vault/config.hcl with the following contents:

storage "consul" {
  address = "127.0.0.1:8500"
  path    = "vault/"
}

listener "tcp" {
 address     = "192.168.1.28:8200"
 tls_disable = 1
}

ui = true

Make sure to update the listener address to the correct IP address of your server.

Save and exit.

This will tell Vault to use our local Consul Server for the backend.

Next, we need to start the Vault Service.

systemctl daemon-reload
systemctl start vault
systemctl enable vault

To enable the CLI to connect to our Vault service run this command:

export VAULT_ADDR=http://192.168.1.28:8200

Make sure to update the IP address to your server’s IP address.

After Vault starts we need to initialize it. This only has to be done once or when you change storage backends for some reason.

vault operator init

Your Vault server is now running.

If you want to learn more about using Vault, checkout their Getting Started Tutorial.

Conclusion

I hope you have enjoyed this post.

If you did then please share it and comment below.

Also be sure to sign up for the AdminTome Blog Newsletter.

The post Install Vault on Ubuntu 18.04 appeared first on AdminTome Blog.

This post first appeared on AdminTome, please read the originial post: here

People also like

A New Era of Gaming: Nvidia's Revolutionary Cloud Technology

Understanding the Software and Apps of the Samsung Galaxy Tab S8 tablet

Crafting Stability: A Comprehensive Guide to Building a 3m AAC Wall

Langtang Village Before And After Earthquake

Playing defence on the carbon tax has put Trudeauâ€™s Liberals on the defensive

Hardening Ubuntu Pro 22.04 with CIS Benchmarks

Install Vault on Ubuntu 18.04

Getting Started

Related Articles

Prerequisites

Installing Consul

Install Vault

Conclusion

Share the post

Subscribe to Admintome

Thank you for your subscription