A complete stack of HashiCorp Consul, Vault and Nomad.
Created for the AT Computing CloudLabs.
In the directory slides you will find the CLI slide-deck that accompanies the installation steps.
For this you will need the slides software installed.
In the CloudLabs, slides is installed on the management station.
Also includes is a custom theme, based on certain HashiCorp product colors.
cd slides
slides presentation.mdansible-playbook playbooks/01_common.ymlansible-playbook playbooks/02_systemd-resolved.ymlansible-playbook playbooks/03_consul.yml- Open Firefox and navigate to https://consul.service.inthepicture.photo:8501
This is convenient to monitor thevaultandnomadservices during installation. ansible-playbook playbooks/04_vault.ymlansible-playbook playbooks/04_vault.yml --tags unsealansible-playbook playbooks/05_nomad- Run the aperture script to make sure everything is up and running:
./aperture.sh
Note that if you want to use any of the binary commands on the management station, be sure to source ~/.bashrc after each product installation, since this also sets the correct environment variables.
There is a playbook included as a bonus that configures the Consul and Nomad secrets engine on Vault and enables an operator role for both of the secrets engines. This allows for reading dynamic Consul/Nomad ACL tokens.
ansible-playbook playbooks/10_bonus.ymlvault read consul/creds/operatorvault read nomad/creds/operator
- https://consul.service.inthepicture.photo:8501
- https://vault.service.inthepicture.photo:8200
- https://nomad.service.inthepicture.photo:4646
Note that Consul, Vault and Nomad are all mTLS secured and that the Consul domain has been set to inthepicture.photo. Make sure you take this into consideration when setting your environment variables.