2017-08-02 20:20:06 +00:00
|
|
|
This package provides Vault configuration files that can be used to quickly
|
|
|
|
|
configure a Vault server when testing Nomad and Vault integrations.
|
|
|
|
|
|
|
|
|
|
To configure a Vault server run the following:
|
|
|
|
|
|
|
|
|
|
In one shell run the Vault server:
|
|
|
|
|
|
|
|
|
|
```shell
|
|
|
|
|
vault server -dev
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
In another run the following to configure the Vault server and create a token
|
|
|
|
|
for the Nomad servers (must be in nomad/dev/vault):
|
|
|
|
|
|
|
|
|
|
```shell
|
|
|
|
|
export VAULT_ADDR='http://127.0.0.1:8200'
|
2018-04-11 19:51:36 +00:00
|
|
|
vault policy write nomad-server nomad-server-policy.hcl
|
2017-08-02 20:20:06 +00:00
|
|
|
vault write /auth/token/roles/nomad-cluster @nomad-cluster-role.json
|
2018-04-11 19:51:36 +00:00
|
|
|
vault token create -policy nomad-server -period 72h -orphan
|
2017-08-02 20:20:06 +00:00
|
|
|
```
|
|
|
|
|
|
|
|
|
|
You can then run Nomad using the generated token. An example would be:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
nomad agent -dev -vault-enabled -vault-address=http://127.0.0.1:8200 \
|
|
|
|
|
-vault-create-from-role=nomad-cluster -vault-token=<token>
|
|
|
|
|
```
|
