106
Comment:
|
977
|
Deletions are marked like this. | Additions are marked like this. |
Line 5: | Line 5: |
* sudo setcap cap_ipc_lock=+ep <bin>/9s/vault | * Ensure vault can lock memory mlock {{{ $ sudo setcap CAP_IPC_LOCK= <bin>/9s/vault }}} * Config {{{ storage "file" { path = "/home/xxx/vault-data" address = "127.0.0.1:8500" path = "vault" } #storage "etcd" { # address = "http://localhost:2379" # etcd_api = "v3" # } listener "tcp" { address = "127.0.0.1:8200" #tls_disable = 1 ##Cert + intermediate in concat tls_cert_file = "/home/xxx/ssl/concat_dev.pem" tls_key_file = "/home/xx/ssl/dev.key" } #telemetry { # statsite_address = "127.0.0.1:8125" # disable_hostname = true # } }}} * Got error with client no initialized {{{ $ vault status Error checking seal status: Error making API request. URL: GET https://localdomain.com:8200/v1/sys/seal-status Code: 400. Errors: * server is not yet initialized }}} |
Vault by HasiCorp
Ensure vault can lock memory mlock
$ sudo setcap CAP_IPC_LOCK= <bin>/9s/vault
Config
storage "file" { path = "/home/xxx/vault-data" address = "127.0.0.1:8500" path = "vault" } #storage "etcd" { # address = "http://localhost:2379" # etcd_api = "v3" # } listener "tcp" { address = "127.0.0.1:8200" #tls_disable = 1 ##Cert + intermediate in concat tls_cert_file = "/home/xxx/ssl/concat_dev.pem" tls_key_file = "/home/xx/ssl/dev.key" } #telemetry { # statsite_address = "127.0.0.1:8125" # disable_hostname = true # }
Got error with client no initialized
$ vault status Error checking seal status: Error making API request. URL: GET https://localdomain.com:8200/v1/sys/seal-status Code: 400. Errors: * server is not yet initialized
...