May 21, 2023 2 min read

How To Set Up HashiCorp Vault Secrets Manager With Docker

HashiCorp Vault is a popular secret management system that provides a secure way to store and access secrets. This tutorial covers how to set up HashiCorp Vault Secrets Manager with Docker.


HashiCorp Vault is a popular secret management system that provides a secure way to store and access secrets. It can be used to store a variety of secrets, including passwords, API keys, and certificates. Vault is a powerful tool that can help improve your applications' security. I am specifically going to integrate it with Ansible Automation and various other tasks in my environment. In this tutorial today, we are covering how to install HashiCorp Vault with Docker.

Vault Secrets Manager Config And Docker Setup

The first step is to create a vault.json file and add the JSON config below:

vault.json

{
  "backend": {
    "file": {
      "path": "/vault/file"
    }
  },
  "listener": {
    "tcp":{
      "address": "0.0.0.0:8200",
      "tls_disable": 1
    }
  },
  "ui": true
}

Next is to create the docker-compose.yml file and add the docker-compose script below:

docker-compose.yml

version: "3.8"
services:
  vault-server:
    image: vault:latest
    container_name: vault-server
    ports:
      - "8200:8200"
    restart: always
    volumes:
      - /docker/vault/logs:/vault/logs
      - /docker/vault/file:/vault/file
      - /docker/vault/config:/vault/config
    cap_add:
      - IPC_LOCK
    entrypoint: vault server -config=/vault/config/vault.json

Next, create a vault directory under your docker directory, and a config directory under the vault directory, if you decide to configure persistent storage as in the docker-compose.yml file above. If not, update the persistent volume information under the volumes section. Copy vault.json to /docker/vault/config, and copy docker-compose.yml to the directory where you store your docker-compose directories. Then navigate to the directory where you copied docker-compose.yml and run docker-compose up -d from your CLI to deploy the Vault Docker container.

Once complete, navigate to the web UI at http://ip_addr:8200/ui, or use the Vault API at http://ip_addr:8200, to access the secrets manager platform.

Vault Web UI
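
The listener in the vault.json above sets tls_disable on a 0.0.0.0 bind, so the API and UI are served over plain HTTP on every interface and tokens and secrets cross the network unencrypted. The check below is an added example, not part of the original tutorial or of Vault itself: it audits a parsed vault.json for those settings. The finding names, the HARDENED_CONFIG variant and its certificate paths are assumptions made for illustration.

```python
import json

# The vault.json from this tutorial, embedded so the example runs offline.
TUTORIAL_CONFIG = json.loads("""
{
  "backend": {"file": {"path": "/vault/file"}},
  "listener": {"tcp": {"address": "0.0.0.0:8200", "tls_disable": 1}},
  "ui": true
}
""")

# Constructed variant: same layout with TLS on. Certificate paths are placeholders.
HARDENED_CONFIG = {
    "storage": {"file": {"path": "/vault/file"}},
    "listener": {"tcp": {"address": "0.0.0.0:8200",
                         "tls_cert_file": "/vault/config/tls/vault.crt",
                         "tls_key_file": "/vault/config/tls/vault.key"}},
    "ui": True,
}

def _truthy(value):
    # tls_disable shows up as 1, true, "1" or "true" depending on who wrote the file.
    return str(value).strip().lower() in ("1", "true")

def _tcp_listeners(cfg):
    # In JSON, "listener" may be a single object or a list of objects.
    blocks = cfg.get("listener", [])
    blocks = blocks if isinstance(blocks, list) else [blocks]
    return [b["tcp"] for b in blocks if isinstance(b, dict) and "tcp" in b]

def audit_vault_config(cfg):
    """Return a sorted list of finding IDs (names are this example's own)."""
    findings = set()
    if "backend" in cfg and "storage" not in cfg:
        findings.add("legacy-backend-key")  # "storage" is the current stanza name
    for tcp in _tcp_listeners(cfg):
        # Vault's default listener address is loopback when none is given.
        host = str(tcp.get("address", "127.0.0.1:8200")).rsplit(":", 1)[0]
        if _truthy(tcp.get("tls_disable", False)):
            findings.add("tls-disabled")
            if host in ("0.0.0.0", "[::]", ""):
                findings.add("cleartext-on-all-interfaces")
        elif not (tcp.get("tls_cert_file") and tcp.get("tls_key_file")):
            findings.add("tls-enabled-without-cert")
    return sorted(findings)

if __name__ == "__main__":
    print("tutorial:", audit_vault_config(TUTORIAL_CONFIG))
    print("hardened:", audit_vault_config(HARDENED_CONFIG))
```

Point it at a real file with audit_vault_config(json.load(open("vault.json"))) before running docker-compose up -d.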

Conclusion

In conclusion, HashiCorp's Vault is one of the most used open-source and reliable secrets managers built to date. It integrates well with many services and platforms, including cloud providers and Kubernetes. If you enjoyed this article, consider signing up for our newsletter, and don't forget to share it with people who would find it useful. Leave a comment below with a tutorial you would like us to cover.
