vault
vault copied to clipboard
Unable to install vault in Suse Linux Micro OS
Environment: Suse Linux Enterprise Micro OS
- Vault Version:
- Operating System/Architecture: X86 - 64 Virtal machine Vault Config File:
Vault v0.10.3
Be sure to scrub any sensitive values
**Startup Log Output:**
<!-- Logs from vault's output on startup, if available. -->
```text
# Paste your log output here
Expected Behavior:
Actual Behavior:
Steps to Reproduce:
Important Factoids:
References:
I am trying to deploy vault in a virtual machine with OS, Suse Linux Enterprise Micro. But no documentation on this and the binaries are not working.
What exactly is the issue you're having?
@vijayscsa I'm unable to reproduce this without more information. Using the vault_1.11.1_linux_amd64.zip binary from here and extracted, I use the following Containerfile:
from registry.suse.com/bci/bci-micro
COPY vault /bin/vault
And build and run with Buildah/Podman:
$ buildah bud -f ./Dockerfile
STEP 1/2: FROM registry.suse.com/bci/bci-micro
STEP 2/2: COPY vault /bin/vault
COMMIT
Getting image source signatures
Copying blob 4a1b17e09ca6 skipped: already exists
Copying blob 511b546c2b46 done
Copying config 904db7c008 done
Writing manifest to image destination
Storing signatures
--> 904db7c0088
904db7c0088b5b49b26029615642b46655573e692cb0459cb0d8078e3d169c2f
$ podman run -p 8200:8200 -ti 904db7c0088b5b49b26029615642b46655573e692cb0459cb0d8078e3d169c2f vault server -dev
==> Vault server configuration:
Api Address: http://127.0.0.1:8200
Cgo: disabled
Cluster Address: https://127.0.0.1:8201
Go Version: go1.17.12
Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
Log Level: info
Mlock: supported: true, enabled: false
Recovery Mode: false
Storage: inmem
Version: Vault v1.11.1, built 2022-07-19T20:16:47Z
Version Sha: 0f634755745f4adf62ec0723a0b93d6dce5bc33e
==> Vault server started! Log data will stream in below:
2022-07-27T15:41:08.210Z [INFO] proxy environment: http_proxy="" https_proxy="" no_proxy=""
2022-07-27T15:41:08.210Z [WARN] no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
2022-07-27T15:41:08.211Z [INFO] core: Initializing version history cache for core
2022-07-27T15:41:08.211Z [INFO] core: security barrier not initialized
2022-07-27T15:41:08.211Z [INFO] core: security barrier initialized: stored=1 shares=1 threshold=1
2022-07-27T15:41:08.211Z [INFO] core: post-unseal setup starting
2022-07-27T15:41:08.213Z [INFO] core: loaded wrapping token key
2022-07-27T15:41:08.213Z [INFO] core: Recorded vault version: vault version=1.11.1 upgrade time="2022-07-27 15:41:08.213137007 +0000 UTC" build date=2022-07-19T20:16:47Z
2022-07-27T15:41:08.213Z [INFO] core: successfully setup plugin catalog: plugin-directory=""
2022-07-27T15:41:08.213Z [INFO] core: no mounts; adding default mount table
2022-07-27T15:41:08.213Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
2022-07-27T15:41:08.214Z [INFO] core: successfully mounted backend: type=system path=sys/
2022-07-27T15:41:08.214Z [INFO] core: successfully mounted backend: type=identity path=identity/
2022-07-27T15:41:08.215Z [INFO] core: successfully enabled credential backend: type=token path=token/ namespace="ID: root. Path: "
2022-07-27T15:41:08.215Z [INFO] rollback: starting rollback manager
2022-07-27T15:41:08.215Z [INFO] core: restoring leases
2022-07-27T15:41:08.215Z [INFO] expiration: lease restore complete
2022-07-27T15:41:08.216Z [INFO] identity: entities restored
2022-07-27T15:41:08.216Z [INFO] identity: groups restored
2022-07-27T15:41:08.411Z [INFO] core: post-unseal setup complete
2022-07-27T15:41:08.412Z [INFO] core: root token generated
2022-07-27T15:41:08.412Z [INFO] core: pre-seal teardown starting
2022-07-27T15:41:08.412Z [INFO] rollback: stopping rollback manager
2022-07-27T15:41:08.412Z [INFO] core: pre-seal teardown complete
2022-07-27T15:41:08.412Z [INFO] core.cluster-listener.tcp: starting listener: listener_address=127.0.0.1:8201
2022-07-27T15:41:08.412Z [INFO] core.cluster-listener: serving cluster requests: cluster_listen_address=127.0.0.1:8201
2022-07-27T15:41:08.412Z [INFO] core: post-unseal setup starting
2022-07-27T15:41:08.412Z [INFO] core: loaded wrapping token key
2022-07-27T15:41:08.412Z [INFO] core: successfully setup plugin catalog: plugin-directory=""
2022-07-27T15:41:08.412Z [INFO] core: successfully mounted backend: type=system path=sys/
2022-07-27T15:41:08.412Z [INFO] core: successfully mounted backend: type=identity path=identity/
2022-07-27T15:41:08.412Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
2022-07-27T15:41:08.413Z [INFO] core: successfully enabled credential backend: type=token path=token/ namespace="ID: root. Path: "
2022-07-27T15:41:08.413Z [INFO] rollback: starting rollback manager
2022-07-27T15:41:08.413Z [INFO] core: restoring leases
2022-07-27T15:41:08.413Z [INFO] expiration: lease restore complete
2022-07-27T15:41:08.413Z [INFO] identity: entities restored
2022-07-27T15:41:08.413Z [INFO] identity: groups restored
2022-07-27T15:41:08.414Z [INFO] core: post-unseal setup complete
2022-07-27T15:41:08.414Z [INFO] core: vault is unsealed
2022-07-27T15:41:08.415Z [INFO] core: successful mount: namespace="" path=secret/ type=kv
2022-07-27T15:41:08.425Z [INFO] secrets.kv.kv_23bb41f6: collecting keys to upgrade
2022-07-27T15:41:08.425Z [INFO] secrets.kv.kv_23bb41f6: done collecting keys: num_keys=1
2022-07-27T15:41:08.425Z [INFO] secrets.kv.kv_23bb41f6: upgrading keys finished
WARNING! dev mode is enabled! In this mode, Vault runs entirely in-memory
and starts unsealed with a single unseal key. The root token is already
authenticated to the CLI, so you can immediately begin using Vault.
You may need to set the following environment variable:
$ export VAULT_ADDR='http://127.0.0.1:8200'
The unseal key and root token are displayed below in case you want to
seal/unseal the Vault or re-authenticate.
Unseal Key: wtsCw0u97Yma6a2S2GtlrTiydWmpIeS2osNMrlEotdM=
Root Token: hvs.qLt2DhKfeDpIovsoHcmQfRiB
Development mode should NOT be used in production installations!
And it works fine.
@vijayscsa were you able to get your question answered by @cipherboy ?
yes, Thanks for the answer. Do we need to use $ podman here?
I think SUSE ships podman and prefers it over Docker like Red Hat does, but no, this is mostly from my own personal choices (and that I run on a Fedora machine usually). :-)
Docker should work fine.
Hi @vijayscsa , it looks like this issue has been resolved. I'm going to close it, but please feel free to reopen if there are any followup questions. Thanks!