Vault reset
1,377 views
Skip to first unread message
Vasil Hrytskevich
Mar 16, 2016, 4:15:19 PM3/16/16
to Vault
I have created a vault systemd service and consul service
and no root or unseal.
after I start consul and vault as a service I don't see root token or unseal key (I forgot about that and now I'm in trouble)
How could I reset Vault config so I could start vault as normal (vault server -config...) to obtain token?
I stopped consul and vault services. I delete my consul data-dir
I stopped consul and vault services. I delete my consul data-dir
start consul service, start vault server
and the same situation
and the same situation
==> Vault server started! Log data will stream in below:
and no root or unseal.
consul:
{
"bootstrap": true,
"server": true,
"acl_datacenter": "...",
"acl_master_token": "...",
"acl_default_policy": "deny",
"datacenter": "...",
"client_addr": "0.0.0.0",
"bind_addr": "...",
"data_dir": "/opt/consul/data",
"encrypt": "...",
"log_level": "INFO",
"enable_syslog": true,
"ui_dir": "/opt/consul/ui"
}
vault:
backend "consul" {
address = "127.0.0.1:8500"
path = "vault"
scheme = "http"
tls_skip_verify = "true"
}
listener "tcp" {
address = "0.0.0.0:8200"
tls_disable = 1
}
Jeff Mitchell
Mar 16, 2016, 4:22:31 PM3/16/16
to vault...@googlegroups.com
Hi Vasil,
Vault only provides a root token and unseal key on startup when
running in dev mode. You need to run "vault init" to actually get
these when using real backends!
Best,
Jeff
> --
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/vault-tool/936694d2-113e-458e-b973-622ce9dfad40%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Vault only provides a root token and unseal key on startup when
running in dev mode. You need to run "vault init" to actually get
these when using real backends!
Best,
Jeff
> This mailing list is governed under the HashiCorp Community Guidelines -
> https://www.hashicorp.com/community-guidelines.html. Behavior in violation
> of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups
> "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/vault-tool/936694d2-113e-458e-b973-622ce9dfad40%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Vasil Hrytskevich
Mar 16, 2016, 4:40:56 PM3/16/16
to Vault
Thank you! I'm so inattentive.
And thanks for awesome products.
And thanks for awesome products.
Reply all
Reply to author
Forward
0 new messages