Closed drweber closed 4 years ago
@themantissa @thetonymaster
@drweber thank you. I'll ensure our developers have a look.
What is your vault configuration file? Also, maybe this is related to your issue https://github.com/hashicorp/docker-vault/issues/53
after changing vault configuration file from
ui = true
plugin_directory = "/vault/plugins"
log_level = "trace"
listener "tcp" {
tls_disable = 1
address = "[::]:8200"
cluster_address = "[::]:8201"
}
storage "file" {
path = "/vault/data"
}
to
# cat /tmp/storageconfig.hcl
ui = true
plugin_directory = "/vault/plugins"
disable_cache = true
disable_mlock = true
api_addr = "http://0.0.0.0:8200"
max_lease_ttl = "10h"
default_lease_ttl = "10h"
cluster_name = "vault"
raw_storage_endpoint = true
disable_sealwrap = true
disable_printable_check = true
log_level = "trace"
listener "tcp" {
tls_disable = 1
address = "[::]:8200"
cluster_address = "[::]:8201"
}
storage "file" {
path = "/vault/data"
}
and switching to Vault 1.2.4
vault secrets enable vault-plugin-secrets-mongodbatlas
Success! Enabled the vault-plugin-secrets-mongodbatlas secrets engine at: vault-plugin-secrets-mongodbatlas/
@drweber it sounds like you've had some success with the above config?
Hey, @drweber sorry for the late response, I am using the following configuration
{
"backend": {"file": {"path": "/data"}},
"listener": [{"tcp": {"address": "0.0.0.0:8200", "tls_disable": true}}],
"plugin_directory": "/example",
"log_level": "debug",
"disable_mlock": true,
"api_addr": "http://localhost:8200"
}
My money is on this line "disable_mlock": true
I think if you only change this line it should work
Make sure that the capabilities are set on the binary: https://www.vaultproject.io/docs/configuration/#disable_mlock If you want mlock enabled you'll have to set that capability for the plugin
@drweber wanted to let you know this work is now included in the 1.4Beta1 version of Vault released by HashiCorp and will be in the GA 1.4 Vault version. I'll close this PR as you won't need to build this on your own now.
Doesn't work with Vault versions 1.1.5, 1.2.2, 1.2.3
Then plugins were compiled
In Vault logs
current resources for POD