Created
December 19, 2016 15:45
-
-
Save vishnu21/65298a17a8eb5475b6005c2a87b2b4e0 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM alpine:latest | |
MAINTAINER flux7labs support@flux7.com | |
ENV REFRESHED_AT 2016-07-05 | |
# install necessary packages | |
RUN apk update && apk add bash make curl git mercurial bzr go && \ | |
rm -rf /var/cache/apk/* | |
ENV GOROOT /usr/lib/go | |
ENV GOPATH /gopath | |
ENV GOBIN /gopath/bin | |
ENV PATH $PATH:$GOROOT/bin:$GOPATH/bin: | |
ADD ./config /config/ | |
# clone consul-snapshot | |
RUN git clone https://github.com/hashicorp/consul-replicate.git $GOROOT/src/github.com/hashicorp/consul-replicate && \ | |
cd $GOROOT/src/github.com/hashicorp/consul-replicate && \ | |
git checkout e7f6dddc06166636b6ed5a6de69294e45f778189 && \ | |
make bootstrap && \ | |
make dev && \ | |
mv /usr/lib/go/src/github.com/hashicorp/consul-replicate/bin/consul-replicate /usr/local/bin | |
ENTRYPOINT ["/bin/bash", "-c","/usr/local/bin/consul-replicate -consul=$CONSUL_ADDR -config=/config"] | |
Notice the line where we are checking out the specific commit of consul-replicate. Once we had completed this change, we configured consul-template’s config file as follows to selectively replicate the needed keys to the secondary DC: | |
prefix { | |
source = "vault/sys/token/@dc1" | |
} | |
prefix { | |
source = "vault/sys/policy/@dc1" | |
} | |
prefix { | |
source = "vault/logical/@dc1" | |
} | |
prefix { | |
source = "vault/audit/@dc1" | |
} | |
prefix { | |
source = "vault/core/audit@dc1" | |
} | |
prefix { | |
source = "vault/core/auth@dc1" | |
} | |
prefix { | |
source = "vault/core/keyring@dc1" | |
} | |
prefix { | |
source = "vault/core/mounts@dc1" | |
} | |
prefix { | |
source = "vault/core/seal-config@dc1" | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment