![]() ![]() Found 4 Vault services Each node in the Vault cluster required: - local loopback address - a configuration file - a directory to store the contents of the Raft storage. Key Value - token hvs.D9IGFnaaq0EQdGEIDMyMincn token_accessor WB7pM07o9oydE1DKepOSS2rK token_duration ∞ token_renewable false token_policies identity_policies policies Success! Enabled the kv-v2 secrets engine at: kv/ storing secret 'kv/apikey' to demonstrate snapshot and recovery methods = Secret Path = kv/data/apikey = Metadata = Key Value - created_time T19:00:29.354452Z custom_metadata deletion_time n/a destroyed false version 1 = Secret Path = kv/data/apikey = Metadata = Key Value - created_time T19:00:29.354452Z custom_metadata deletion_time n/a destroyed false version 1 = Data = Key Value - webapp ABB39KKPTWOR832JGNLS02 Future Vault requests will automatically use this token. You do NOT need to run "vault login" again. The token information displayed below is already stored in the token helper. cluster.sh setup vault_2 starting Vault server Using root token (hvs.YFkvurx85VPSfsEwS6mSnfWj) to retrieve transit key for auto-unseal initializing and capturing the recovery key and root token Recovery key: VV9QAfeD0DpSIEAyJhuBw9sH5ZSICW/dYeuf/XjVmV4= Root token: hvs.D9IGFnaaq0EQdGEIDMyMincn waiting to finish post-unseal setup (15 seconds) logging in and enabling the KV secrets engine Success! You are now authenticated. Key Value - token hvs.YFkvurx85VPSfsEwS6mSnfWj token_accessor Ed0JMHdQGPyoDIrR7WbCGhrn token_duration ∞ token_renewable false token_policies identity_policies policies enabling the transit secret engine and creating a key to auto-unseal vault cluster Success! Enabled the transit secrets engine at: transit/ Key Value - allow_plaintext_backup false auto_rotate_period 0s deletion_allowed false derived false exportable false imported_key false keys map latest_version 1 min_available_version 0 min_decryption_version 1 min_encryption_version 0 name unseal_key supports_decryption true supports_derivation true supports_encryption true supports_signing false type aes256-gcm96 cluster.sh setup vault_1 starting Vault server initializing and capturing the unseal key and root token Unseal key: NheD5HT4IaCjLB2gv7a5t9dfw7tEjoHMZ67DS+5nQ3A= Root token: hvs.YFkvurx85VPSfsEwS6mSnfWj unsealing and logging in Key Value - Seal Type shamir Initialized true Sealed false Total Shares 1 Threshold 1 Version 1.14.0 Build Date Storage Type inmem Cluster Name vault-cluster-74bee892 Cluster ID d74ca2cf-a081-2918-b8a2-8a2ccd6c5b22 HA Enabled false Success! You are now authenticated. Open a terminal, and create a directory named $HOME/vault-tutorial, and vault_2 ( ) is initialized and unsealed. ![]() Token creates a transit key that enables the other Vaults auto-unseal.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |