Vault and Consul: Vault storage not showing up in Consul UI

1/24/2020

I am trying to set up Vault on my Kubernetes cluster with Consul as the storage. I have followed this official tutorial which uses Helm charts to install Consul and Vault on Kubernetes and sets up Vault to use Consul as storage. Installation has been successfull as can be seen here:

NAME                                                              READY   STATUS    RESTARTS   AGE
hashicorp-consul-connect-injector-webhook-deployment-84589dtg6k   1/1     Running   0          43m
hashicorp-consul-server-0                                         1/1     Running   0          43m
hashicorp-consul-rscsm                                            1/1     Running   0          43m
hashicorp-consul-jdtbj                                            1/1     Running   0          43m
hashicorp-consul-x4hmc                                            1/1     Running   0          43m
vault-agent-injector-5945fb98b5-78gw8                             1/1     Running   0          34m
vault-0                                                           1/1     Running   0          34m

After that, I registered Vault as a service manually by running

consul services register vault.json

with vault.json being:

{"service": {"name": "vault", "tags": ["vault-tag"], "port": 8200}}

Now, In Consul's dashboard UI, I am able to see Vault in services with a green tick which shows health checks are being performed correctly but when I create key values in Vault I can't see any storage being created in the key-value menu of the UI. I would appreciate it if someone could help me understand what's wrong here.

-- HemOdd
consul
hashicorp-vault
key-value-store
kubernetes

1 Answer

1/24/2020

Although it is not mentioned in the tutorial, Consul is only used as storage when Vault is installed in High Availability mode. I recreated my cluster and re-installed Vault in this mode by running:

helm install --name vault \
    --set='server.ha.enabled=true' \
    https://github.com/hashicorp/vault-helm/archive/v0.3.0.tar.gz

Now, Vault is automatically registered as a service in Consul and its storage shows up in Consul's Key/Value menu.

-- HemOdd
Source: StackOverflow