How to register vault (Hashicorp-vault) as a service in consul (Hashicorp-consul), I am using kubernetes?
I'm running vault and consul as pods in kubernetes, while I'm checking consul catalog service it shows consul alone.
How can I register vault as a service?
I'd tried with the following link, but it didn't work. https://learn.hashicorp.com/consul/getting-started/services
Similar Questions
2 Answers
For registering vault as a service you will have to do the following steps
- Create a file and write this
{"service": {"name": "vault", "tags": ["vault-tag"], "port": 8200}}into it. Name it asvault.json - Now, enter this command
consul services register vault.json - You can now see that vault is registered as a service
Vault will automatically register with consul when using consul as a backend datastorage. If you are using one of the other storage options you have 2 ways to do it:
Vault >1.4
If you have vault 1.4 or newer, you can add the following to the vault config to automatically register the vault service in consul
service_registration "consul" {
address = "127.0.0.1:8500"
}
Vault < 1.4
Assuming you are running vault with https on port 8200
{
"service": {
"checks": [
{
"http": "https://vault1.example.com:8200/v1/sys/health",
"id": "port",
"interval": "10s",
"name": "vault running on port 8200",
"timeout": "1s"
}
],
"enable_tag_override": false,
"id": "vault",
"meta": {
"meta": "Vault"
},
"name": "vault",
"port": 8200,
"tags": []
}
}
Note This won't provide the dynamic tags like active or standby that you get automatically with the other options. https://www.vaultproject.io/docs/configuration/service-registration/consul