hashicorp – vault – docker

Posted on May 19, 2024 by Tom Hamilton
Reading Time: 2 minutes

Last Update: 5/19/2024

THIS IS UNFINISHED!

I would say see: https://medium.com/@smaschek85/setting-up-hashicorp-vault-with-docker-74d82bdd7f31 Let me be extraneous for a moment. This is not a for pay site. I don’t put ads in here. I am ok with sites with ads, it’s just not my cup of tea. The medium site is a very useful one. If I am googling I find often find relevant articles published on Medium or DigitalOcean. DigitalOcean’s articles are generally nice as they generally provide a good 3rd party look at a subject. I.e. You are X. you want to work with Y. Here is how you can do it.

We always can fall victim to being out of date. This article, will at some point become aged.

Having said that this article is written in 2024. The above Medium article does not publish a date so it’s hard to tell how off it is. It is not surprising therefore that a lot has changed. I need to say two things at once here. 1) The article is still useful. 2) it is out of date. Let’s work on getting things caught up shall we.

A couple of things to reference: https://github.com/compose-spec/compose-spec/blob/master/spec.md The URL references the compose specification. There probably are more than a few things relevant here but I want to talk about one thing. If we are using docker we might be using a configuration file like “docker-compose.yaml” This makes it easy to use the “docker compose up” command to painlessly bring the project up. Fast forward and more than a few things have changed since the publication in the Medium post. Let’s review,

  1. The compose spec has deprecated the use of the “version” line. You don’t have to specify what version you are targeting. So this line can be cut out
  2. The location for the hashicorp vault image has changed. You now reference it as hashicorp\vault

So altogether a new “docker-compose.yaml” file might look like.

services:
  vault:
    image: hashicorp/vault:latest
    container_name: vault
    ports:
      - 8200:8200
    environment:
      - VAULT_ADDR=http://0.0.0.0:8200
      - VAULT_API_ADDR=http://0.0.0.0:8200
    restart: always
    volumes:
      - ./volumes/logs:/vault/logs
      - ./volumes/file:/vault/file
      - ./volumes/config:/vault/config
    cap_add:
      - IPC_LOCK
This entry was posted in Secrets, Vaulr. Bookmark the permalink.