MattSurabian
commented
6 years ago @ywei2017 can you post the full config that you're using that's functional for consul?
Closed MattSurabian closed 6 years ago
MattSurabian
commented
6 years ago @ywei2017 can you post the full config that you're using that's functional for consul?
ywei2017
commented
6 years ago @MattSurabina, sure, see blow.
Please note that in our config, we have 2 vault nodes, with a load balancer in front of them. We also have 3 consul nodes. But we configured the vault nodes also as consul clients, which is why you see the 127.0.0.1:8500. I obfuscated the domain name and cluster_addr value for security reasons. Everything else is exactly what we have. Let me know of any questions.
vault-server/76005e04-f753-4c40-9bc7-d61808e8ea8c:~$ cat /var/vcap/jobs/vault/config/server.hcl
api_addr = "https://myvault.tld:8200" # Load balancer URL
disable_mlock = false # Always set to false
listener "tcp" {
address = "0.0.0.0:8200" # For client access, peer request uses 8201
#cluster_address = leave blank, default to address
tls_cert_file = "/var/vcap/jobs/vault/tls/cert.pem"
tls_key_file = "/var/vcap/jobs/vault/tls/key.pem"
tls_min_version = "tls12"
}
storage "consul" {
path = "vault/"
address = "127.0.0.1:8500" # Using consul client on localhost
check_timeout = "5s"
max_parallel = "128"
disable_clustering = "false" #" is required
cluster_addr = "https://192.168.1.101:8201" #Primay ip of the node, auto filled with (ip)
}
Thanks @ywei2017 I'll update this PR later this afternoon
ywei2017
commented
6 years ago @MattSurabian no problem. Very glad I can help.
jhunt
commented
6 years ago @MattSurabian any update on this?
MattSurabian
commented
6 years ago Sorry yall, between CFSummit and then getting sick the week after I lost track of this one. Just updated!
MattSurabian
commented
6 years ago @jhunt should be set to merge
jhunt
commented
6 years ago Thanks all!
This addresses the typos in the readme example configuration as pointed out in #55