{"id":6584,"date":"2022-10-16T18:20:56","date_gmt":"2022-10-16T09:20:56","guid":{"rendered":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6584"},"modified":"2022-12-04T16:35:46","modified_gmt":"2022-12-04T07:35:46","slug":"install-consul-nomad-vault-on-ubuntu-20-04","status":"publish","type":"post","link":"https:\/\/www.skyer9.pe.kr\/wordpress\/?p=6584","title":{"rendered":"Install Consul\/Nomad\/Vault on Ubuntu 20.04"},"content":{"rendered":"

Install Consul\/Nomad\/Vault on Ubuntu 20.04<\/h1>\n

\uac1c\ubc1c\uc6a9 PC \uc5d0 Consul\/Nomad\/Vault \ub97c \uc124\uce58\ud569\ub2c8\ub2e4.<\/p>\n

\uacf5\ud1b5<\/h2>\n
sudo apt update && sudo apt upgrade\n\nwget -O- https:\/\/apt.releases.hashicorp.com\/gpg | gpg --dearmor | sudo tee \/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg\n\necho "deb [signed-by=\/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg] https:\/\/apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee \/etc\/apt\/sources.list.d\/hashicorp.list\n\nsudo apt update<\/code><\/pre>\n
Install Consul<\/h2>\n
sudo apt install consul\n\nconsul version<\/code><\/pre>\n
sudo vi \/etc\/consul.d\/consul.hcl\n------------------------------------------------\nadvertise_addr = "127.0.0.1"\nbind_addr = "0.0.0.0"\nbootstrap_expect = 1\nclient_addr = "0.0.0.0"\ndata_dir = "\/opt\/consul\/data"\nlog_level = "INFO"\n\nserver = true\nui_config {\n  enabled = true\n}\n\nconnect {\n  enabled = true\n}\n\ntelemetry {\n  prometheus_retention_time = "24h"\n}\n\nservice {\n  name = "consul"\n}\n------------------------------------------------<\/code><\/pre>\n
sudo systemctl enable consul\nsudo systemctl restart consul<\/code><\/pre>\n
http:\/\/127.0.0.01:8500<\/a><\/p>\n
Install Nomad<\/h2>\n
sudo apt install nomad\n\nnomad version<\/code><\/pre>\n
sudo vi \/etc\/nomad.d\/nomad.hcl\n------------------------------------------------\ndatacenter = "dc1"\ndata_dir   = "\/opt\/nomad\/data"\nbind_addr  = "0.0.0.0"\n\n# advertise {\n#   http = "127.0.0.1"\n#   rpc  = "127.0.0.1"\n#   serf = "127.0.0.1"\n# }\n\nserver {\n  enabled          = true\n  bootstrap_expect = 1\n}\n\n# log_file = "\/var\/log\/nomad\/"\n# log_level = "INFO"\n\nclient {\n  enabled = true\n\n#   host_volume "grafana" {\n#     # add directory manually\n#     # sudo mkdir -p \/opt\/nomad-volumes\/grafana\n#     # sudo chown 472:472 \/opt\/nomad-volumes\/grafana\n#     path = "\/opt\/nomad-volumes\/grafana"\n#   }\n}\n\n# consul {\n#   address = "127.0.0.1:8500"\n# }\n\nplugin "docker" {\n  config {\n    volumes {\n      enabled = true\n    }\n\n    # \uc2e4\ud589 \uc2e4\ud328\uc2dc \uc774\ubbf8\uc9c0 \uc0ad\uc81c\n    # \ub514\ubc84\uae45\uc2dc false \ub85c \ud560\uac83\n    gc {\n      container   = true\n    }\n\n#     auth {\n#       # Nomad will prepend "docker-credential-" to the helper value and call\n#       # that script name.\n#       helper = "ecr-login"\n#     }\n  }\n}\n\ntelemetry {\n  collection_interval = "5s"\n  disable_hostname = true\n  publish_allocation_metrics = true\n  publish_node_metrics       = true\n  prometheus_metrics         = true\n}\n------------------------------------------------<\/code><\/pre>\n
sudo systemctl restart nomad<\/code><\/pre>\n
http:\/\/127.0.0.01:4646<\/a><\/p>\n
Install Vault<\/h2>\n
\uae30\ubcf8 \uc124\uc815<\/h3>\n
sudo apt install vault\n\nvault version<\/code><\/pre>\n
sudo vi \/etc\/vault.d\/vault.hcl\n------------------------------------------------\nui = true\n\nstorage "file" {\n  path = "\/opt\/vault\/data"\n}\n\n#storage "consul" {\n#  address = "127.0.0.1:8500"\n#  path    = "vault"\n#}\n\n# HTTPS listener\nlistener "tcp" {\n  address       = "0.0.0.0:8200"\n  #tls_cert_file = "\/opt\/vault\/tls\/tls.crt"\n  #tls_key_file  = "\/opt\/vault\/tls\/tls.key"\n  tls_disable = 1\n}\n------------------------------------------------<\/code><\/pre>\n
sudo systemctl restart vault<\/code><\/pre>\n
http:\/\/127.0.0.01:8200<\/a> \uc5d0 \uc811\uc18d\ud574\uc11c storage \ub97c \ucd08\uae30\ud654\ud560 \uc218 \uc788\ub2e4.<\/p>\n
Key shares, Key threshold \ub294 \ud3b8\uc758\uc0c1 1 \ub85c \uc124\uc815\ud55c\ub2e4.<\/p>\n
\ud0a4 \uc7ac\ubc1c\uae09<\/h3>\n
\ud0a4\ub97c \ubd84\uc2e4\ud55c \uacbd\uc6b0, storage \ub97c \uc0ad\uc81c(\ubaa8\ub4e0 Secret \uac00 \uc0ad\uc81c\ub41c\ub2e4.)\ud558\uace0 vault \ub97c \uc7ac\uc2e4\ud589\ud574\uc11c,
\nstorage \ub97c \ucd08\uae30\ud654\ud560 \uc218 \uc788\ub2e4.<\/p>\n
Consul \uc5f0\ub3d9<\/h3>\n
sudo vi \/etc\/vault.d\/vault.hcl\n------------------------------------------------\nui = true\n\n#storage "file" {\n#  path = "\/opt\/vault\/data"\n#}\n\nstorage "consul" {\n  address = "127.0.0.1:8500"\n  path    = "vault"\n}\n\n# HTTPS listener\nlistener "tcp" {\n  address       = "0.0.0.0:8200"\n  #tls_cert_file = "\/opt\/vault\/tls\/tls.crt"\n  #tls_key_file  = "\/opt\/vault\/tls\/tls.key"\n  tls_disable = 1\n}\n------------------------------------------------<\/code><\/pre>\n
sudo systemctl restart vault<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Install Consul\/Nomad\/Vault on Ubuntu 20.04 \uac1c\ubc1c\uc6a9 PC \uc5d0 Consul\/Nomad\/Vault \ub97c \uc124\uce58\ud569\ub2c8\ub2e4. \uacf5\ud1b5 sudo apt update && sudo apt upgrade wget -O- https:\/\/apt.releases.hashicorp.com\/gpg | gpg –dearmor | sudo tee \/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg echo "deb [signed-by=\/usr\/share\/keyrings\/hashicorp-archive-keyring.gpg] https:\/\/apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee \/etc\/apt\/sources.list.d\/hashicorp.list sudo apt update Install Consul sudo apt install consul consul version sudo vi \/etc\/consul.d\/consul.hcl ————————————————\u2026 Read More »<\/a><\/span><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31],"tags":[],"class_list":["post-6584","post","type-post","status-publish","format-standard","hentry","category-nomad"],"_links":{"self":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6584","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6584"}],"version-history":[{"count":12,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6584\/revisions"}],"predecessor-version":[{"id":7136,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=\/wp\/v2\/posts\/6584\/revisions\/7136"}],"wp:attachment":[{"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6584"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6584"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skyer9.pe.kr\/wordpress\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6584"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}