How To Set Up HashiCorp Vault Secrets Manager With Docker


HashiCorp Vault is a popular secret management system that provides a secure way to store and access secrets. It can be used to store a variety of secrets, including passwords, API keys, and certificates. Vault is a powerful tool that can help improve your applications' security. I am specifically going to integrate it with Ansible Automation and various other tasks in my environment. This tutorial covers how to install HashiCorp Vault with Docker.

Vault Secrets Manager Config And Docker Setup

The first step is to create a vault.json file and add the JSON config below:

vault.json

{
  "backend": {
    "file": {
      "path": "/vault/file"
    }
  },
  "listener": {
    "tcp":{
      "address": "0.0.0.0:8200",
      "tls_disable": 1
    }
  },
  "ui": true
}
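The listener in this vault.json binds to every interface and disables TLS, so a check worth running before the config is reused outside a lab is sketched here. It is an added example, not code from the original article or from HashiCorp; audit_listener, the sample configs, the placeholder certificate paths and the list of accepted boolean spellings are assumptions made for illustration.

```python
import json

# Constructed sample: the listener and ui settings from the vault.json above.
TUTORIAL_CONFIG = """{"listener": {"tcp": {"address": "0.0.0.0:8200",
  "tls_disable": 1}}, "ui": true}"""

# Constructed sample: TLS left on; the certificate paths are placeholders.
TLS_CONFIG = """{"listener": [{"tcp": {"address": "127.0.0.1:8200",
  "tls_cert_file": "/vault/config/placeholder.crt",
  "tls_key_file": "/vault/config/placeholder.key"}}]}"""

WILDCARD_HOSTS = {"", "0.0.0.0", "[::]"}


def _enabled(value):
    """Accept the boolean spellings a config may use: 1, true, "1", "true"."""
    if isinstance(value, str):
        return value.strip().lower() in {"1", "t", "true"}
    return bool(value)


def audit_listener(config_text):
    """Return a list of findings for every tcp listener in a vault.json text."""
    config = json.loads(config_text)
    blocks = config.get("listener", [])
    if isinstance(blocks, dict):  # "listener" may be one object or a list
        blocks = [blocks]
    findings = []
    for block in blocks:
        tcp = block.get("tcp")
        if not isinstance(tcp, dict):  # skip non-tcp listener types
            continue
        address = tcp.get("address", "127.0.0.1:8200")  # Vault's default
        host = address.rsplit(":", 1)[0]
        if _enabled(tcp.get("tls_disable", False)):
            findings.append(f"{address}: tls_disable set, traffic is plain HTTP")
            if host in WILDCARD_HOSTS:
                findings.append(f"{address}: plaintext listener on all interfaces")
            if _enabled(config.get("ui", False)):
                findings.append(f"{address}: web UI logins are sent unencrypted")
        elif not (tcp.get("tls_cert_file") and tcp.get("tls_key_file")):
            findings.append(f"{address}: TLS on but tls_cert_file/tls_key_file missing")
    return findings


if __name__ == "__main__":
    for name, text in (("tutorial", TUTORIAL_CONFIG), ("tls", TLS_CONFIG)):
        print(name, audit_listener(text) or "no findings")
```

An empty list means the listener has TLS enabled with both certificate settings present; the check does not validate the certificate files themselves.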

Next, create the docker-compose.yml file and add the docker-compose script below:

docker-compose.yml

version: "3.8"
services:
  vault-server:
    image: vault:latest
    container_name: vault-server
    ports:
      - "8200:8200"
    restart: always
    volumes:
      - /docker/vault/logs:/vault/logs
      - /docker/vault/file:/vault/file
      - /docker/vault/config:/vault/config
    cap_add:
      - IPC_LOCK
    entrypoint: vault server -config=/vault/config/vault.json

Next, create a vault directory under your docker directory, and a config directory under the vault directory, if you decide to use the persistent storage paths from the docker-compose.yml file above. If not, update the persistent volume information under the volumes section. Copy vault.json to /docker/vault/config, and copy docker-compose.yml to the directory where you store all your docker-compose directories. Then navigate to the directory where you copied docker-compose.yml and run docker-compose up -d from your CLI to deploy the Vault Docker container.

Once complete, navigate to the web UI at http://ip_addr:8200/ui, or use the Vault API at http://ip_addr:8200, to access the secrets manager platform. Both URLs are plain HTTP because vault.json sets tls_disable to 1, so the listener serves the API and the UI unencrypted.

Vault Web UI

Conclusion

In conclusion, HashiCorp's Vault is one of the most used open-source and reliable secrets managers built to date. It integrates well with many services and platforms, including cloud providers and Kubernetes.


Chad Crouch

GoLang Fanatic & FullStack Geek experienced in multiple enterprise environments. Has a huge passion for the open-source world specifically Linux and Opensource Software.
