- Pull docker image
- Start Vault Container
- Initialize Vault and backup keys
- Create Client Token
- Unseal the Vault
- Use Client Token with one of the APIs
This walk through is targeted for audiences who are new to Vault, or dev ops who just need an API to develop auto deployment scripts against. A production environment should be installed and operated by a Hashicorp Vault expert.
Pull and Run
Pull the docker image and run it in the foreground with exposed ports 8200 using the following command:
Obtain a shell for the running container by using docker ps to get the docker container ID.
[crayon-5e293cdf6b71b140599557/] Because our local environment is simple, without https and certs, we will change the default environment endpoint to support the vault command line tools
[crayon-5e293cdf6b71e206268788/] [crayon-5e293cdf6b721506995772/] The command above shows that vault is not yet initialized. The following command will be used to initialize it, which will generate 5 keys, of which 3 is needed for unsealing.
Create Client Token
Now that the vault is initialized, we can generate a client token to use with our apps or external systems. However, before we can properly use any vault commands from the server, we’ll need to export the initial root token, that allows interact with the vault services.
Unseal and work with Vault Services from Client
Next we’ll will export the vault address, and client token, so that we can unseal the vault, and work against it.
[crayon-5e293cdf6b72a926257498/] Now we can use vault using the quick start tutorials.
Put a password
[crayon-5e293cdf6b731380968419/] Get a password