Difficulty: beginner
Estimated Time: 10-15 minutes

This scenario explains the different aspects of launching a Vault cluster with Consul storage backend and PostgreSQL secret backend.

The environment has a Docker installation configured, running on a host called docker. Everything else required we'll launch as containers.

This scenario has explained how to launch a Kubernetes cluster. In future scenarios you'll learn more details about Kubernetes, starting with launching your first example application.

First steps with a Vault Cluster

Step 1 of 8

Step 1 - Init

The first script launches the Consul and Vault containers ./start-vault.sh

The Vault starts sealed meaning you can read/write data. Use the helper script to unseal the vault ./unseal-vault.sh. If this errors, it's because Vault is still initialising.

The final stage is to obtain the access token; this is outputted when we initialised and unsealed the vault.

export VAULT_TOKEN=$(grep 'Initial Root Token:' keys.txt | awk '{print substr($NF, 1, length($NF)-1)}')

Now we need to authenticate using the root token we just grabbed export VAULT_ADDR=http://127.0.0.1:8200 alias vault='docker exec -it vault-dev vault "[email protected]"' vault auth -address=${VAULT_ADDR} ${VAULT_TOKEN}

After running the commands Vault and your environment have been configured.