我已经在Ubuntu 18.04上安装了Hashicorp-vault(vault v1.5.4(。我的后端是Consul(在和vault相同的服务器上运行的单个节点(-Consul服务已启动。
我的保险库服务无法启动
systemctl list-units --type=service | grep "vault"
vault.service loaded failed failed vault service
journalctl -xe -u vault
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Scheduled restart job, restart counter is at 5.
-- Subject: Automatic restarting of a unit has been scheduled
- Unit vault.service has finished shutting down.
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Start request repeated too quickly.
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Failed with result 'exit-code'.
Oct 03 00:21:33 ubuntu2 systemd[1]: Failed to start vault service.
-- Subject: Unit vault.service has failed
vault config.json
"api_addr": "http://<my-ip>:8200",
storage "consul" {
address = "127.0.0.1:8500"
path = "vault"
},
Service config
StandardOutput=/opt/vault/logs/output.log
StandardError=/opt/vault/logs/error.log
cat /opt/vault/logs/error.log
cat: /opt/vault/logs/error.log: No such file or directory
cat /opt/vault/logs/output.log
cat: /opt/vault/logs/output.log: No such file or directory
sudo tail -f /opt/vault/logs/error.log
tail: cannot open '/opt/vault/logs/error.log' for reading: No such file or
directory
:/opt/vault/logs$ ls -al
total 8
drwxrwxr-x 2 vault vault 4096 Oct 2 13:38 .
drwxrwxr-x 5 vault vault 4096 Oct 2 13:38 ..
经过多次调试,问题是将.hcl和.json混合在一起(它们非常相似,但不同(-在存储(如发布的(需要使用json格式的东西之间进行剪切当错误消息什么也没说并且日志中什么都没有时,问题当然会更加复杂
"storage": {
"consul": {
"address": "127.0.0.1:8500",
"path" : "vault"
}
},
还有几个其他问题需要解决——disable_mlock : true,为8200:sudo ufw allow 8200/tcp打开防火墙。
终于完成了(相当于开始了(。