hashicorp / terraform-aws-vault

A Terraform Module for how to run Vault on AWS using Terraform and Packer
Apache License 2.0

Vault fails to provision using vagrant centos7 #188

Open ghost opened 4 years ago

ghost commented 4 years ago

While using Vagrant with a centos/7 box, the provisioning script install-vault would fail due to the mlock function.

I found that vault is being placed in /usr/local/bin/vault while mlock needs it in /usr/bin to pass with an exit 0.

Not sure when to make the change in the script to resolve this.

brikis98 commented 4 years ago

Is this specific to CentOS?

ghost commented 4 years ago

@brikis98 I have only tested with centos/7 vagrantbox

I noticed later on that if I do this, `/opt/vault/bin/vault server -dev`, Vagrant will no longer throw an error.

Here is a snip of the provision section of my Vagrantfile. If I remove the last line, I will get the mlock error.

```sh
echo 'export PATH="/usr/local/bin:$PATH"' >> "/root/.bashrc"
git clone --branch v0.13.6 https://github.com/hashicorp/terraform-aws-vault.git
terraform-aws-vault/modules/install-vault/install-vault --version '1.3.2+ent.hsm'
/opt/vault/bin/vault server -dev
```

brikis98 commented 4 years ago

Before changing this for everyone, we'll need to understand if this only affects CentOS? Or even just the Vagrant image for CentOS? If someone wants to do that research and contribute a fix (if necessary), a PR is welcome!