
Commit a161c89

authored
Merge pull request #4 from stackhpc/missing-vars
Document all mandatory variables, rename vault_vip_url to vault_vip_address
2 parents 7b8b59a + b9ef728 commit a161c89


3 files changed

+11
-3
lines changed


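--- a/roles/vault/README.md
+++ b/roles/vault/README.md
@@ -18,8 +18,11 @@ Role variables
 * Vault
 * Mandatory
 * `vault_cluster_name`: Vault cluster name (e.g. "prod_cluster")
+* `vault_bind_address`: Which IP address should Vault bind to
+* `vault_vip_address`: Under which IP address Vault should be available (this role does not deploy keepalived)
 * `vault_tls_key`: Path to TLS key to use by Vault
 * `vault_tls_cert`: Path to TLS cert to use by Vault
+* `vault_config_dir`: Directory into which to bind mount Vault configuration
 * Optional
 * `consul_container.etc_hosts`: Dict; `{<hostname>:<ip_address>}` to be added to container /etc/host
 s (default: Omitted)
@@ -70,7 +73,7 @@ Example playbook (used with OpenStack Kayobe)
 consul_bind_ip: "{{ internal_net_ips[ansible_hostname] }}"
 consul_vip_address: "{{ internal_net_vip_address }}"
 vault_bind_address: "{{ external_net_ips[ansible_hostname] }}"
-vault_vip_url: "{{ external_net_fqdn }}"
+vault_vip_address: "{{ external_net_fqdn }}"
 vault_config_dir: "/opt/kayobe/vault"
 ```
 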
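--- a/roles/vault/defaults/main.yml
+++ b/roles/vault/defaults/main.yml
@@ -9,9 +9,14 @@ vault_docker_image: "vault"
 vault_docker_tag: "latest"
 
 vault_cluster_name: ""
+# Allow vault_vip_url for backwards compatibility.
+vault_vip_address: "{{ vault_vip_url | default('') }}"
+vault_bind_address: ""
 vault_tls_key: ""
 vault_tls_cert: ""
 
+vault_config_dir: ""
+
 vault_config: >
 {
 "cluster_name": "{{ vault_cluster_name }}",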
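Review bot: The new defaults give the mandatory variables `vault_vip_address`, `vault_bind_address` and `vault_config_dir` an empty string, so a deployment that forgets one of them is not stopped at the variable. With `vault_vip_address` empty, the init check in roles/vault/tasks/vault.yml would build `https://:8200/v1/sys/init` and fail only after its retries; what an empty bind address or config directory does to the Vault listener and the bind mount is not visible from this hunk. An early `assert` task in the role with conditions such as `that: vault_vip_address | length > 0` (and the same for the other two) would fail fast with a clear message. The fallback comment could also say that the old name is deprecated, e.g. `# Deprecated: vault_vip_url is only read as a fallback; set vault_vip_address instead.`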
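--- a/roles/vault/tasks/vault.yml
+++ b/roles/vault/tasks/vault.yml
@@ -17,14 +17,14 @@
 
 - name: Check if vault is initialized
 uri:
-url: "https://{{ vault_vip_url }}:8200/v1/sys/init"
+url: "https://{{ vault_vip_address }}:8200/v1/sys/init"
 register: vault_init_status
 retries: 50
 delay: 1
 until: vault_init_status.status == 200
 
 - name: Initialize vault
-command: "docker exec -e 'VAULT_ADDR=https://{{ vault_vip_url }}:8200' {{ vault_docker_name }} vault operator init -format yaml"
+command: "docker exec -e 'VAULT_ADDR=https://{{ vault_vip_address }}:8200' {{ vault_docker_name }} vault operator init -format yaml"
 when: not vault_init_status.json.initialized
 run_once: True
 register: vault_init_output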
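Review bot: The `Initialize vault` task registers the output of `vault operator init`, which holds the unseal keys and the initial root token, and no `no_log` is visible on it in this hunk, so those secrets may end up in Ansible's console output and logs. Adding `no_log: true` to this task, and to any later task that reads `vault_init_output`, keeps them out; the task may continue past the end of the hunk, so check whether it is already set there. Separately, the variable is now named an address and the README describes it as an IP, while the `uri` check connects over HTTPS: if an IP is used, the certificate in `vault_tls_cert` needs a matching IP SAN, otherwise the check fails validation and invites someone to switch validation off.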
