Vault
- By Vault charmers
- Security
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/edge | 222 | 20 Jan 2024 | |
1.8/stable | 209 | 05 Jan 2024 | |
1.8/edge | 164 | 09 Aug 2023 | |
1.15/beta | 276 | 18 Apr 2024 | |
1.15/edge | 290 | 09 May 2024 | |
1.7/stable | 210 | 10 Jan 2024 | |
1.6/stable | 289 | 05 May 2024 | |
1.5/stable | 268 | 11 Apr 2024 | |
juju deploy vault --channel 1.15/beta
Unseal a sealed unit
When a Vault unit restarts, you have to unseal it manually. This guide walks you through the necessary steps.
Starting from a cluster where one unit is sealed:
$ juju status
Model Controller Cloud/Region Version SLA Timestamp
demo localhost-localhost localhost/localhost 3.4.0 unsupported 12:34:35-04:00
App Version Status Scale Charm Channel Rev Exposed Message
vault blocked 3 vault 1.15/beta 257 no Waiting for Vault to be unsealed
Unit Workload Agent Machine Public address Ports Message
vault/0* active idle 0 10.191.126.116
vault/1 active idle 1 10.191.126.151
vault/2 blocked idle 2 10.191.126.90 Waiting for Vault to be unsealed
Machine State Address Inst id Base AZ Message
0 started 10.191.126.116 juju-b8368f-0 ubuntu@22.04 Running
1 started 10.191.126.151 juju-b8368f-1 ubuntu@22.04 Running
2 started 10.191.126.90 juju-b8368f-2 ubuntu@22.04 Running
Set the VAULT_ADDR variable to the address of the sealed unit:
export VAULT_ADDR=https://$(juju status vault/2 --format=yaml | awk '/public-address/ { print $2 }'):8200; echo $VAULT_ADDR
Unseal the unit using the same unseal keys as received during the initialization of the Vault leader:
vault operator unseal EJoB62t286mjUpSQYZg3mOla3lz/bbElVL5OLnj+rpE=
The units will go back to the active/idle state:
$ juju status
demo localhost-localhost localhost/localhost 3.4.0 unsupported 12:39:11-04:00
App Version Status Scale Charm Channel Rev Exposed Message
vault active 3 vault 1.15/beta 257 no
Unit Workload Agent Machine Public address Ports Message
vault/0* active idle 0 10.191.126.116
vault/1 active idle 1 10.191.126.151
vault/2 active idle 2 10.191.126.90
Machine State Address Inst id Base AZ Message
0 started 10.191.126.116 juju-b8368f-0 ubuntu@22.04 Running
1 started 10.191.126.151 juju-b8368f-1 ubuntu@22.04 Running
2 started 10.191.126.90 juju-b8368f-2 ubuntu@22.04 Running
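The procedure above, generalized to every sealed unit, as an added example that is not part of the charm or its documentation. The function names and the trimmed YAML sample are constructed for illustration; `vault operator unseal` is run without a key argument so that the CLI prompts for the key instead of taking it from the command line.

```shell
# sealed_units: read "juju status --format=yaml" on stdin and print
# "<unit> <public-address>" for each unit still waiting to be unsealed.
sealed_units() {
  awk '
    function flush() { if (unit != "" && sealed && addr != "") print unit, addr; unit = "" }
    { match($0, /^ */); ind = RLENGTH }              # indentation of this line
    /^ *[a-z][a-z0-9-]*\/[0-9]+:$/ {                 # unit entry such as "vault/2:"
      flush(); unit = $1; sub(/:$/, "", unit); uind = ind; sealed = 0; addr = ""; next
    }
    unit != "" && NF && ind <= uind { flush() }      # dedent: the unit entry ended
    unit != "" && /message: Waiting for Vault to be unsealed/ { sealed = 1 }
    unit != "" && $1 == "public-address:" { addr = $2 }
    END { flush() }
  '
}
# Prompt for key shares per sealed unit; the key is never a command argument.
# Assumes juju and vault are on PATH and the CLI trusts the unit certificate.
unseal_sealed_units() {
  list=$(juju status vault --format=yaml | sealed_units)
  [ -n "$list" ] || { echo "no sealed units"; return 0; }
  while read -r unit addr <&3; do
    url="https://$addr:8200"
    echo "Unsealing $unit at $url"
    # vault status exits 2 while sealed, 0 once unsealed, 1 on error
    while VAULT_ADDR=$url vault status >/dev/null 2>&1; [ $? -eq 2 ]; do
      VAULT_ADDR=$url vault operator unseal || return 1
    done
  done 3<<EOF
$list
EOF
}
# Constructed sample, trimmed to the fields used; mirrors the status on this page.
sample_status() {
  cat <<'EOF'
applications:
  vault:
    application-status:
      message: Waiting for Vault to be unsealed
    units:
      vault/0:
        workload-status:
          current: active
        public-address: 10.191.126.116
      vault/2:
        workload-status:
          message: Waiting for Vault to be unsealed
        public-address: 10.191.126.90
EOF
}
sample_status | sealed_units
```

Call `unseal_sealed_units` from an interactive terminal; the key prompt is repeated for a unit until `vault status` stops reporting it as sealed.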