Hashicorp - 保管库服务无法启动

Question

我在 Ubuntu 18.04 上设置了 Hashicorp - vault (Vault v1.5.4)。我的后端是 Consul（与 vault 在同一台服务器上运行的单个节点）- consul 服务已启动。

我的保管库服务无法启动

systemctl list-units --type=service | grep "vault"
vault.service                        loaded failed failed  vault service  

journalctl -xe -u vault
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Scheduled restart job, restart counter is at 5.
-- Subject: Automatic restarting of a unit has been scheduled
- Unit vault.service has finished shutting down.
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Start request repeated too quickly.
Oct 03 00:21:33 ubuntu2 systemd[1]: vault.service: Failed with result 'exit-code'.
Oct 03 00:21:33 ubuntu2 systemd[1]: Failed to start vault service.
-- Subject: Unit vault.service has failed

vault config.json

 "api_addr": "http://<my-ip>:8200",
  storage "consul" {
   address = "127.0.0.1:8500"
    path    = "vault"
  },

Service config

StandardOutput=/opt/vault/logs/output.log
StandardError=/opt/vault/logs/error.log


cat /opt/vault/logs/error.log
cat: /opt/vault/logs/error.log: No such file or directory
cat /opt/vault/logs/output.log
cat: /opt/vault/logs/output.log: No such file or directory
sudo tail -f /opt/vault/logs/error.log  
tail: cannot open '/opt/vault/logs/error.log' for reading: No such file or 
directory


:/opt/vault/logs$ ls -al
total 8
drwxrwxr-x 2 vault vault 4096 Oct  2 13:38 .
drwxrwxr-x 5 vault vault 4096 Oct  2 13:38 ..

Answer 1

经过多次调试，问题是愚蠢地混合 .hcl 和 .json （它们非常相似 - 但不同） - 在存储（如发布的）需要的东西之间剪切粘贴为 json 格式。 当错误消息没有说明并且日志中没有任何内容时，问题当然会更加复杂。

"storage": {
    "consul": {
        "address": "127.0.0.1:8500",
         "path" : "vault"
    }
 },

还有一些其他问题需要解决 - disable_mlock : true，为 8200 打开防火墙：sudo ufw allow 8200/tcp。

终于完成（相当开始）。