Public | Automated Build

Last pushed: 6 days ago
Short Description
Tiny (~35MB) Alpine Linux image with vault (http://vaultproject.io) running
Full Description

Run a dev server:

docker pull quay.io/voxxit/vault:latest
docker run -d --memory-swap=-1 --name vault-dev quay.io/voxxit/vault:latest

To run a command:

alias vault='docker exec -it vault-dev vault "$@"'

vault write -address=http://127.0.0.1:8200 secret/hello value=world
Success! Data written to: secret/hello

vault read -address=http://127.0.0.1:8200 secret/hello
Key                Value
lease_id           secret/hello/ced98ef0-18d4-a5b0-8d49-3eee5aa0dfae
lease_duration     2592000
lease_renewable    false
value              world
Docker Pull Command
Owner
voxxit
Source Repository

Comments (3)
djmax
2 years ago

Just curious - why is the default in here to bind to localhost only? Seems like in almost all cases you'd rather bind to 0.0.0.0?

akamalov
2 years ago

I think you need to run it in non-dev mode. Based on Dockerfile above, I created my own, backing with existing Consul enviroment:

######################

FROM voxxit/base:alpine

RUN wget http://dl.bintray.com/mitchellh/vault/vault_0.1.2_linux_amd64.zip \
&& unzip vault_0.1.2_linux_amd64.zip \
&& mv vault /usr/local/bin/ \
&& rm -f vault_0.1.2_linux_amd64.zip

EXPOSE 8200

ENTRYPOINT [ "vault" ]
CMD [ "server", "-config=/etc/vault/vault.json" ]

######################

Where vault.json file contains:

CMD [ "server", "-config=/etc/vault/vault.json" ]
rsomtapae194 vault # cat /var/lib/vault/vault.json
backend "consul" {
address = "xxx.xxx.xxx.xxx:8500"
path = "vault"
}

listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = 1
}

Replace "xxx.xxx.xxx.xxx:8500" with your consul IP.

Go ahead and built it:

docker build -t="akamalov/vault" .

Once built, go ahead and run your Vault container:

docker run -d -p 8200:8200 --name vault --memory-swap=-1 -v /var/lib/vault:/etc/vault --cap-add IPC_LOCK akamalov/vault

This should do it.

HTH,

Alex

lordofthejars
2 years ago

Hi I am trying to use this image in my project, and the first I am trying to do is accessing to vault from host and not within the container.
My docker ps output is:
8596c46f7df2 quay.io/voxxit/vault:latest "vault server -dev" 2 seconds ago Up 1 seconds 0.0.0.0:8200->8200/tcp vault-dev

But for example doing a wget http://lcoalhost:8200/v1/sys/health inside container it works but doing the same but outside the container does not work. Do you know if there is something to configure to vault to make it works from outside?