Why VAULT_ADDR?
949 views
Skip to first unread message
Amy Brown
Jun 3, 2016, 1:54:42 PM6/3/16
to Vault
Good afternoon,
I'm running vault with a file backend and a TCP listener on ArchLinux and Windows 2012 test boxes.
My config file looks something like this on ArchLinux:
backend "file" {
path = "/home/user/vdata"
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = 1
}
disable_mlock = true
I've found that setting the VAULT_ADDR environment variable is absolutely necessary both on ArchLinux and Windows 2012.
Without the variable set, you can't even run vault status.
Why is this? It seems that vault... should see that it's running?
Michael Fischer
Jun 3, 2016, 2:08:29 PM6/3/16
to vault...@googlegroups.com
The environment variable isn't the only way to tell the Vault client where the server is. You can also pass the `-address` argument to the vault client command line.
--
This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
GitHub Issues: https://github.com/hashicorp/vault/issues
IRC: #vault-tool on Freenode
---
You received this message because you are subscribed to the Google Groups "Vault" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/e9b85930-ff15-4228-8b3d-95017214efb0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jeff Mitchell
Jun 3, 2016, 2:18:15 PM6/3/16
to vault...@googlegroups.com
Hi Amy,
Michael is correct about -address, but I think the sort of deeper
answer to your question is that Vault the binary can act as either a
server or a CLI to talk to a server instance. Only the server instance
reads the configuration file. Client configuration is performed
through environment variables or CLI flags.
Best,
Jeff
> https://groups.google.com/d/msgid/vault-tool/CABHxtY7_begKKRuQYLdJZB2vXnJJY2jhnJhDTUsSaKC6QNNyig%40mail.gmail.com.
Michael is correct about -address, but I think the sort of deeper
answer to your question is that Vault the binary can act as either a
server or a CLI to talk to a server instance. Only the server instance
reads the configuration file. Client configuration is performed
through environment variables or CLI flags.
Best,
Jeff
David Adams
Jun 3, 2016, 5:23:44 PM6/3/16
to vault...@googlegroups.com
The default vault address in the `vault` command line tool is `https://127.0.0.1:8200` but in the typical first-run setup without SSL, as you've configured, you have to override that to `http://127.0.0.1:8200` (or some equivalent).
--
Reply all
Reply to author
Forward
0 new messages