Dockerfile

FROM alpine:latest

MAINTAINER flux7labs support@flux7.com

ENV REFRESHED_AT 2016-07-05

# install necessary packages

RUN apk update && apk add bash make curl git mercurial bzr go && \

    rm -rf /var/cache/apk/*
 

ENV GOROOT /usr/lib/go

ENV GOPATH /gopath

ENV GOBIN /gopath/bin

ENV PATH $PATH:$GOROOT/bin:$GOPATH/bin:

ADD ./config /config/

# clone consul-snapshot

RUN git clone https://github.com/hashicorp/consul-replicate.git $GOROOT/src/github.com/hashicorp/consul-replicate && \

    cd $GOROOT/src/github.com/hashicorp/consul-replicate && \

    git checkout e7f6dddc06166636b6ed5a6de69294e45f778189 && \

    make bootstrap && \

    make dev && \

    mv /usr/lib/go/src/github.com/hashicorp/consul-replicate/bin/consul-replicate /usr/local/bin


ENTRYPOINT ["/bin/bash", "-c","/usr/local/bin/consul-replicate -consul=$CONSUL_ADDR -config=/config"]

Notice the line where we are checking out the specific commit of consul-replicate. Once we had completed this change, we configured consul-template’s config file as follows to selectively replicate the needed keys to the secondary DC:

 
prefix {

        source = "vault/sys/token/@dc1"

}

prefix {

        source = "vault/sys/policy/@dc1"

}

prefix {

        source = "vault/logical/@dc1"

}

prefix {

        source = "vault/audit/@dc1"

}

prefix {

        source = "vault/core/audit@dc1"

}

prefix {

        source = "vault/core/auth@dc1"

}

prefix {

        source = "vault/core/keyring@dc1"

}

prefix {

        source = "vault/core/mounts@dc1"

}

prefix {

        source = "vault/core/seal-config@dc1"

}