@abdennour
Last active January 17, 2022 15:18
Vault up and Operations
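# Show the Vault server configuration that is about to be copied into a volume.
cat vault.hcl
# Create a data-only container that holds the HCL file. `docker create` never
# starts it; it exists so other containers can mount /config via --volumes-from.
docker create -v /config --name config busybox
docker cp vault.hcl config:/config/
# Verify the copy. `docker exec` only works on a running container and the
# data container is never started, so read the file through a throwaway
# container that mounts the same volume.
docker run --rm --volumes-from config busybox cat /config/vault.hcl
# Consul in -dev mode is Vault's storage backend here. No ACL configuration is
# passed, and -client=0.0.0.0 together with -p 8500:8500 publishes its HTTP API
# on every interface of the Docker host. Vault reaches Consul over the --link,
# so outside a throwaway lab drop the -p or bind it to a loopback address.
# The image tags are old releases; treat this as a demo setup only.
docker run -d --name consul -p 8500:8500 consul:v0.6.4 agent -dev -client=0.0.0.0
# Vault server, configured from the shared /config volume. Port 8200 is also
# published on every host interface, and vault.hcl disables TLS on the
# listener, so tokens and secrets cross the network in clear text.
docker run -d --name vault-dev --link consul:consul -p 8200:8200 --volumes-from config cgswong/vault:0.5.3 server -config=/config/vault.hcl
# docker run -d --name vault-dev --volumes-from config --cap-add=IPC_LOCK -e 'VAULT_LOCAL_CONFIG={"backend": {"file": {"path": "/config/vault.hcl"}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}' --link consul:consul vault server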
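# Define a `vault` CLI wrapper that runs the client inside the vault-dev
# container. A function replaces the alias: an alias takes no arguments (its
# "$@" expanded to the calling shell's own positional parameters), and bash
# does not expand aliases in non-interactive scripts.
# -t allocates a TTY, so output captured from this wrapper ends each line with
# CR LF; strip the CR before parsing keys or tokens out of it.
vault() {
  docker exec -it vault-dev vault "$@"
}
# Point to the running Vault. This is plain HTTP, acceptable only on loopback
# in a lab. `docker exec` does not forward the variable into the container,
# which is presumably why every command below passes -address explicitly.
export VAULT_ADDR=http://127.0.0.1:8200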
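# Unseal process.
# keys.txt receives every unseal key and the initial root token in clear text,
# so make it owner-only: umask covers a newly created file, chmod covers a
# file that already existed with looser permissions.
(umask 077; vault init -address="${VAULT_ADDR}" > keys.txt)
chmod 600 keys.txt
# Demo only: this prints all key shares and the root token to the terminal
# (and into any scrollback or session log). In a real deployment the shares go
# to separate holders and this file is removed once they are distributed.
cat keys.txt
# Submit three key shares, as the original walkthrough does. Output captured
# through `docker exec -t` has CR LF line endings, so the CR is stripped before
# the last field is taken; otherwise it would be passed on as part of the key.
for share in 1 2 3; do
  unseal_key=$(tr -d '\r' < keys.txt |
    awk -v label="Key ${share}:" 'index($0, label) { print $NF; exit }')
  vault unseal -address="${VAULT_ADDR}" "${unseal_key}"
done
unset unseal_key share
# Check status of Vault
vault status -address="${VAULT_ADDR}"
# Authenticate to Vault.
# Stripping the CR explicitly replaces the earlier "drop the last character"
# trick, which silently truncates the token when the output has no CR.
# Assignment and export are split so a failed extraction is not masked.
VAULT_TOKEN=$(tr -d '\r' < keys.txt |
  awk '/Initial Root Token:/ { print $NF; exit }')
export VAULT_TOKEN
# NOTE(review): the root token is passed as a command-line argument here and
# is visible in process listings on the Docker host while the command runs.
# Root tokens are meant for initial setup; create scoped tokens and revoke it.
vault auth -address="${VAULT_ADDR}" "${VAULT_TOKEN}"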
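# Write on vault.
# 12345678 is a sample value. A real secret typed as an argument ends up in
# shell history and in the process list.
vault write -address="${VAULT_ADDR}" secret/api-key value=12345678
# Read with Vault CLI: the full entry, then only the "value" field.
vault read -address="${VAULT_ADDR}" secret/api-key
vault read -address="${VAULT_ADDR}" -field=value secret/api-key
# Read with curl.
# The token header is fed to curl as a config line on stdin (-K -) instead of
# a -H argument, so it does not appear in curl's argv; printf is a shell
# builtin and spawns no process of its own.
# The request is plain HTTP (the listener in vault.hcl has TLS disabled), so
# the token and the secret are readable on the wire. "docker" is presumably a
# hostname that resolves to the Docker host.
printf 'header = "X-Vault-Token: %s"\n' "${VAULT_TOKEN}" |
  curl -K - -XGET http://docker:8200/v1/secret/api-key
printf 'header = "X-Vault-Token: %s"\n' "${VAULT_TOKEN}" |
  curl -s -K - -XGET http://docker:8200/v1/secret/api-key |
  jq -r .data.value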
# vault.hcl: Vault server configuration for the demo containers.
# Storage backend: the linked "consul" container, reached over plain HTTP.
backend "consul" {
address = "consul:8500"
# NOTE(review): advertise_addr normally names the address at which this Vault
# server itself is reachable; consul:8300 looks like Consul's server RPC port.
# Confirm this is intended.
advertise_addr = "consul:8300"
scheme = "http"
}
# API listener on all container interfaces, port 8200.
listener "tcp" {
address = "0.0.0.0:8200"
# TLS is switched off: tokens, unseal keys and secrets travel in clear text.
# Lab use only; give the listener a certificate before exposing the port.
tls_disable = 1
}
# mlock is disabled, so memory holding key material may be swapped to disk.
# This avoids needing the IPC_LOCK capability in the container; grant that
# capability and remove this line outside a demo.
disable_mlock = true