Skip to content
This repository has been archived by the owner on Oct 7, 2022. It is now read-only.

Commit

Permalink
Merge pull request #6 from Zipcar/fix_cap_lock
Browse files Browse the repository at this point in the history 
need these extra flags to init on systems without mlock support
  • Loading branch information
@MattSurabian
MattSurabian authored Jan 4, 2018
2 parents ca597d6 + a0bbbce commit 50de4f4
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions tasks/init
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ do
if [ $(docker ps -q -f name=${VP_NAMESPACE}-vault${i}) ]; then
echo " Server #$i already exists"
else
docker run -d -P --cap-add=IPC_LOCK --network ${VP_NAMESPACE} --name ${VP_NAMESPACE}-vault${i} -e AWS_SECRET_ACCESS_KEY=${VP_AWS_SECRET_KEY} -e AWS_ACCESS_KEY_ID=${VP_AWS_ACCESS_KEY} -e AWS_DEFAULT_REGION=${VP_DYNAMODB_REGION} -e AWS_DYNAMODB_ENDPOINT=${VP_DYNAMODB_ENDPOINT} -e AWS_DYNAMODB_TABLE=${VP_DYNAMODB_TABLE} -e VAULT_ADDR=http://127.0.0.1:8200 -e 'VAULT_LOCAL_CONFIG={"backend": {"dynamodb": {"ha_enabled": "true", "redirect_addr":"'"http://$VP_NAMESPACE-vault$i:8200"'"}}, "listener": { "tcp": { "address":"0.0.0.0:8200", "tls_disable":1}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}' vault server
docker run -d -P --cap-add=IPC_LOCK --network ${VP_NAMESPACE} --name ${VP_NAMESPACE}-vault${i} -e SKIP_SETCAP=true -e AWS_SECRET_ACCESS_KEY=${VP_AWS_SECRET_KEY} -e AWS_ACCESS_KEY_ID=${VP_AWS_ACCESS_KEY} -e AWS_DEFAULT_REGION=${VP_DYNAMODB_REGION} -e AWS_DYNAMODB_ENDPOINT=${VP_DYNAMODB_ENDPOINT} -e AWS_DYNAMODB_TABLE=${VP_DYNAMODB_TABLE} -e VAULT_ADDR=http://127.0.0.1:8200 -e 'VAULT_LOCAL_CONFIG={"backend": {"dynamodb": {"ha_enabled": "true", "redirect_addr":"'"http://$VP_NAMESPACE-vault$i:8200"'"}}, "disable_mlock": "true", "listener": { "tcp": { "address":"0.0.0.0:8200", "tls_disable":1}}, "default_lease_ttl": "168h", "max_lease_ttl": "720h"}' vault server
echo
fi
done
Expand Down Expand Up @@ -142,4 +142,4 @@ echo "Use Docker exec: "
echo " docker exec $VP_NAMESPACE-vault1 vault status"
echo "or set your host's VAULT_ADDR environment variable to communicate directly using the Vault CLI."
echo " export VAULT_ADDR=\$(make vault-leader)"
echo "Note that if Vault is still sealed there will be no leader and make vault-leader will error"
echo "Note that if Vault is still sealed there will be no leader and make vault-leader will error"

0 comments on commit 50de4f4

Please sign in to comment.