open-vault/website/source/docs/configuration/storage/manta.html.md
Paul Stack 3c683dba92 Adding Manta Storage Backend (#3720)
This PR adds a new Storage Backend for Triton's Object Storage - Manta

```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v  -timeout 45m
=== RUN   TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok  	github.com/hashicorp/vault/physical/manta	61.210s
```

Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store

Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value

The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`

The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
2018-02-12 18:22:41 -05:00
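
The key layout described in the commit message above, as an added Go example (not code from the Vault Manta backend). `store`, `naivePath`, `mappedPath` and `deleteFoo` are hypothetical names, and the in-memory store is a constructed model that only imitates the "directory not empty" refusal.

```go
package main

import (
	"errors"
	"fmt"
	"path"
	"strings"
)

var errNotEmpty = errors.New("directory not empty")

// store is a constructed in-memory model of a filesystem-style object store:
// it holds object paths, and any path with objects beneath it is a directory.
type store map[string]bool

// remove deletes one path and, like the Manta behaviour the commit message
// describes, refuses when the path is a directory that still has children.
// Removing a path that does not exist is a no-op (an assumption of this model).
func (s store) remove(p string) error {
	for k := range s {
		if strings.HasPrefix(k, p+"/") {
			return fmt.Errorf("delete %q: %w", p, errNotEmpty)
		}
	}
	delete(s, p)
	return nil
}

// naivePath stores key "foo" at the path "foo" itself.
func naivePath(key string) string { return path.Clean(key) }

// mappedPath stores key "foo" at "foo/.vault_value", the layout that was chosen.
func mappedPath(key string) string { return path.Join(key, ".vault_value") }

// deleteFoo writes the given keys using layout, deletes key "foo", and
// returns how many objects remain together with the delete error.
func deleteFoo(layout func(string) string, keys ...string) (int, error) {
	s := store{}
	for _, k := range keys {
		s[layout(k)] = true
	}
	err := s.remove(layout("foo"))
	return len(s), err
}

func main() {
	fmt.Println(deleteFoo(naivePath, "foo/bar"))         // delete fails
	fmt.Println(deleteFoo(mappedPath, "foo", "foo/bar")) // delete succeeds
}
```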


---
layout: "docs"
page_title: "Manta - Storage Backends - Configuration"
sidebar_current: "docs-configuration-storage-manta"
description: |-
  The Manta storage backend is used to persist Vault's data in Triton's Manta Object
  Storage. The storage folder must already exist.
---

# Manta Storage Backend

The Manta storage backend is used to persist Vault's data in [Triton's Manta Object
Storage][manta-object-store]. The storage folder must already exist.

- **No High Availability** - the Manta storage backend does not support high
  availability.

- **Community Supported** - the Manta storage backend is supported by the
  community. While it has undergone review by HashiCorp employees, they may not
  be as knowledgeable about the technology. If you encounter problems with it,
  you may be referred to the original author.

```hcl
storage "manta" {
  directory = "manta-directory"
  user      = "myuser"
  key_id    = "40:9d:d3:f9:0b:86:62:48:f4:2e:a5:8e:43:00:2a:9b"
}
```

## `manta` Parameters

- `directory` `(string: <required>)` - Specifies the name of the Manta directory to use.
  This will be in the `/stor/` folder in the specific Manta account.

The following settings are used for authenticating to Manta.

- `user` `(string: <required>)` - Specifies the Manta user account name. This can also be provided via
  the environment variable `MANTA_USER`.

- `key_id` `(string: <required>)` - The fingerprint of the public key of the SSH key pair to use for authentication with the Manta API.
  It is assumed that the SSH agent has the private key corresponding to this key ID loaded. This can also be provided
  via the environment variable `MANTA_KEY_ID`.

- `subuser` - The name of a subuser that has been granted access to the Manta account. This can also be
  provided via the environment variable `MANTA_SUBUSER`.

- `url` - Specifies the Manta URL. Defaults to `https://us-east.manta.joyent.com`. This can also be provided via
  the environment variable `MANTA_URL`.

- `max_parallel` `(string: "128")` - Specifies the maximum number of concurrent
  requests to Manta.

## `manta` Examples

This example shows configuring the Manta storage backend with a custom number of
maximum parallel connections.

```hcl
storage "manta" {
  directory    = "vault-storage-directory"
  max_parallel = 512
}
```
[manta-object-store]: https://www.joyent.com/triton/object-storage