vault icon indicating copy to clipboard operation
vault copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

Unable to install vault in Suse Linux Micro OS

Open vijayscsa opened this issue 1 year ago • 3 comments

Environment: Suse Linux Enterprise Micro OS

  • Vault Version:
  • Operating System/Architecture: X86 - 64 Virtal machine Vault Config File:

Vault v0.10.3

Be sure to scrub any sensitive values


**Startup Log Output:**
<!-- Logs from vault's output on startup, if available. -->

```text
# Paste your log output here

Expected Behavior:

Actual Behavior:

Steps to Reproduce:

Important Factoids:

References:

vijayscsa avatar Jul 22 '22 15:07 vijayscsa

I am trying to deploy vault in a virtual machine with OS, Suse Linux Enterprise Micro. But no documentation on this and the binaries are not working.

vijayscsa avatar Jul 22 '22 15:07 vijayscsa

What exactly is the issue you're having?

hsimon-hashicorp avatar Jul 25 '22 14:07 hsimon-hashicorp

@vijayscsa I'm unable to reproduce this without more information. Using the vault_1.11.1_linux_amd64.zip binary from here and extracted, I use the following Containerfile:

from registry.suse.com/bci/bci-micro

COPY vault /bin/vault

And build and run with Buildah/Podman:

$ buildah bud -f ./Dockerfile 
STEP 1/2: FROM registry.suse.com/bci/bci-micro
STEP 2/2: COPY vault /bin/vault
COMMIT
Getting image source signatures
Copying blob 4a1b17e09ca6 skipped: already exists  
Copying blob 511b546c2b46 done  
Copying config 904db7c008 done  
Writing manifest to image destination
Storing signatures
--> 904db7c0088
904db7c0088b5b49b26029615642b46655573e692cb0459cb0d8078e3d169c2f
$ podman run -p 8200:8200 -ti 904db7c0088b5b49b26029615642b46655573e692cb0459cb0d8078e3d169c2f vault server -dev
==> Vault server configuration:

             Api Address: http://127.0.0.1:8200
                     Cgo: disabled
         Cluster Address: https://127.0.0.1:8201
              Go Version: go1.17.12
              Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
               Log Level: info
                   Mlock: supported: true, enabled: false
           Recovery Mode: false
                 Storage: inmem
                 Version: Vault v1.11.1, built 2022-07-19T20:16:47Z
             Version Sha: 0f634755745f4adf62ec0723a0b93d6dce5bc33e

==> Vault server started! Log data will stream in below:

2022-07-27T15:41:08.210Z [INFO]  proxy environment: http_proxy="" https_proxy="" no_proxy=""
2022-07-27T15:41:08.210Z [WARN]  no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
2022-07-27T15:41:08.211Z [INFO]  core: Initializing version history cache for core
2022-07-27T15:41:08.211Z [INFO]  core: security barrier not initialized
2022-07-27T15:41:08.211Z [INFO]  core: security barrier initialized: stored=1 shares=1 threshold=1
2022-07-27T15:41:08.211Z [INFO]  core: post-unseal setup starting
2022-07-27T15:41:08.213Z [INFO]  core: loaded wrapping token key
2022-07-27T15:41:08.213Z [INFO]  core: Recorded vault version: vault version=1.11.1 upgrade time="2022-07-27 15:41:08.213137007 +0000 UTC" build date=2022-07-19T20:16:47Z
2022-07-27T15:41:08.213Z [INFO]  core: successfully setup plugin catalog: plugin-directory=""
2022-07-27T15:41:08.213Z [INFO]  core: no mounts; adding default mount table
2022-07-27T15:41:08.213Z [INFO]  core: successfully mounted backend: type=cubbyhole path=cubbyhole/
2022-07-27T15:41:08.214Z [INFO]  core: successfully mounted backend: type=system path=sys/
2022-07-27T15:41:08.214Z [INFO]  core: successfully mounted backend: type=identity path=identity/
2022-07-27T15:41:08.215Z [INFO]  core: successfully enabled credential backend: type=token path=token/ namespace="ID: root. Path: "
2022-07-27T15:41:08.215Z [INFO]  rollback: starting rollback manager
2022-07-27T15:41:08.215Z [INFO]  core: restoring leases
2022-07-27T15:41:08.215Z [INFO]  expiration: lease restore complete
2022-07-27T15:41:08.216Z [INFO]  identity: entities restored
2022-07-27T15:41:08.216Z [INFO]  identity: groups restored
2022-07-27T15:41:08.411Z [INFO]  core: post-unseal setup complete
2022-07-27T15:41:08.412Z [INFO]  core: root token generated
2022-07-27T15:41:08.412Z [INFO]  core: pre-seal teardown starting
2022-07-27T15:41:08.412Z [INFO]  rollback: stopping rollback manager
2022-07-27T15:41:08.412Z [INFO]  core: pre-seal teardown complete
2022-07-27T15:41:08.412Z [INFO]  core.cluster-listener.tcp: starting listener: listener_address=127.0.0.1:8201
2022-07-27T15:41:08.412Z [INFO]  core.cluster-listener: serving cluster requests: cluster_listen_address=127.0.0.1:8201
2022-07-27T15:41:08.412Z [INFO]  core: post-unseal setup starting
2022-07-27T15:41:08.412Z [INFO]  core: loaded wrapping token key
2022-07-27T15:41:08.412Z [INFO]  core: successfully setup plugin catalog: plugin-directory=""
2022-07-27T15:41:08.412Z [INFO]  core: successfully mounted backend: type=system path=sys/
2022-07-27T15:41:08.412Z [INFO]  core: successfully mounted backend: type=identity path=identity/
2022-07-27T15:41:08.412Z [INFO]  core: successfully mounted backend: type=cubbyhole path=cubbyhole/
2022-07-27T15:41:08.413Z [INFO]  core: successfully enabled credential backend: type=token path=token/ namespace="ID: root. Path: "
2022-07-27T15:41:08.413Z [INFO]  rollback: starting rollback manager
2022-07-27T15:41:08.413Z [INFO]  core: restoring leases
2022-07-27T15:41:08.413Z [INFO]  expiration: lease restore complete
2022-07-27T15:41:08.413Z [INFO]  identity: entities restored
2022-07-27T15:41:08.413Z [INFO]  identity: groups restored
2022-07-27T15:41:08.414Z [INFO]  core: post-unseal setup complete
2022-07-27T15:41:08.414Z [INFO]  core: vault is unsealed
2022-07-27T15:41:08.415Z [INFO]  core: successful mount: namespace="" path=secret/ type=kv
2022-07-27T15:41:08.425Z [INFO]  secrets.kv.kv_23bb41f6: collecting keys to upgrade
2022-07-27T15:41:08.425Z [INFO]  secrets.kv.kv_23bb41f6: done collecting keys: num_keys=1
2022-07-27T15:41:08.425Z [INFO]  secrets.kv.kv_23bb41f6: upgrading keys finished
WARNING! dev mode is enabled! In this mode, Vault runs entirely in-memory
and starts unsealed with a single unseal key. The root token is already
authenticated to the CLI, so you can immediately begin using Vault.

You may need to set the following environment variable:

    $ export VAULT_ADDR='http://127.0.0.1:8200'

The unseal key and root token are displayed below in case you want to
seal/unseal the Vault or re-authenticate.

Unseal Key: wtsCw0u97Yma6a2S2GtlrTiydWmpIeS2osNMrlEotdM=
Root Token: hvs.qLt2DhKfeDpIovsoHcmQfRiB

Development mode should NOT be used in production installations!

And it works fine.

cipherboy avatar Jul 27 '22 15:07 cipherboy

@vijayscsa were you able to get your question answered by @cipherboy ?

hsimon-hashicorp avatar Aug 08 '22 18:08 hsimon-hashicorp

yes, Thanks for the answer. Do we need to use $ podman here?

vijayscsa avatar Aug 17 '22 14:08 vijayscsa

I think SUSE ships podman and prefers it over Docker like Red Hat does, but no, this is mostly from my own personal choices (and that I run on a Fedora machine usually). :-)

Docker should work fine.

cipherboy avatar Aug 17 '22 14:08 cipherboy

Hi @vijayscsa , it looks like this issue has been resolved. I'm going to close it, but please feel free to reopen if there are any followup questions. Thanks!

HridoyRoy avatar Aug 29 '22 18:08 HridoyRoy