반응형
Consul 클러스터와 Vault 클러스터의 상태를 확인하고 KV(Key-Value) 엔진을 테스트하는 방법
Consul 클러스터 상태 확인
노드 접속
docker compose exec -it consul-node1 /bin/sh클러스터 멤버 확인
consul membersNode Address Status Type Build Protocol DC Partition Segment
consul-node1 172.18.0.3:8301 alive server 1.22.1 2 dc1 default <all>
consul-node2 172.18.0.6:8301 alive server 1.22.1 2 dc1 default <all>
consul-node3 172.18.0.5:8301 alive server 1.22.1 2 dc1 default <all>리더(Leader) 확인
consul operator raft list-peersNode ID Address State Voter RaftProtocol Commit Index Trails Leader By
consul-node1 9956c830-9370-a6fb-d7b6-3046de50100e 172.18.0.3:8300 follower true 3 496 0 commits
consul-node2 1210bef9-b83f-4e11-d99f-6fdbc0e25ab6 172.18.0.6:8300 follower true 3 496 0 commits
consul-node3 aa442318-4b64-f30b-bdb0-b455f978f285 172.18.0.5:8300 leader true 3 496 -REST API로 상태 조회
- Consul API는 단순하게 클러스터 정보를 가져올 수 있습니다.
Peers 조회
curl -s http://consul-node1:8500/v1/status/peers | jq .[
"172.18.0.5:8300",
"172.18.0.6:8300",
"172.18.0.3:8300"
]리더(Leader) 확인
curl -s http://consul-node1:8500/v1/status/leader | jq ."172.18.0.5:8300"Consul KV 테스트
KV 데이터 쓰기
consul kv put test/cli_key "Test Value from CLI"Success! Data written to: test/cli_keyKV 데이터 읽기
consul kv get test/cli_keyTest Value from CLIKV 데이터 삭제
consul kv delete test/cli_keySuccess! Deleted key: test/cli_key728x90
Vault 클러스터 상태 확인
환경 변수 설정
export VAULT_ADDR="http://vault-node1:8200"
export VAULT_TOKEN="hvs.uoDEhj6begrUpM0Gfo483yGp"로그인
vault login hvs.uoDEhj6begrUpM0Gfo483yGp상태 확인
vault statusKey Value
--- -----
Seal Type shamir
Initialized true
Sealed false
Total Shares 5
Threshold 3
Version 1.21.1
Build Date 2025-11-18T13:04:32Z
Storage Type consul
Cluster Name vault-cluster-b217408b
Cluster ID fa23a9e4-5a65-9d62-ae71-98c7e1fd4368
HA Enabled true
HA Cluster https://vault-node1:8201
HA Mode active
Active Since 2025-12-01T23:32:02.877780554+09:00Vault KV Secret Engine 테스트(KV v2)
KV 엔진 활성화
더보기
---
KV v1 엔진 활성화
vault secrets enable kvSuccess! Enabled the kv secrets engine at: kv/curl -s \
--header "X-Vault-Token: $VAULT_TOKEN" \
--request GET \
$VAULT_ADDR/v1/kv/my-application | jq .---
vault secrets enable -path=kv kv-v2Success! Enabled the kv-v2 secrets engine at: kv/Secret 생성(put)
vault kv put kv/my-application \
username="vault-user" \
password="super-secret-password"===== Secret Path =====
kv/data/my-application
======= Metadata =======
Key Value
--- -----
created_time 2025-12-01T15:13:19.766147381Z
custom_metadata <nil>
deletion_time n/a
destroyed false
version 1Secret 조회(get)
vault kv get kv/my-application===== Secret Path =====
kv/data/my-application
======= Metadata =======
Key Value
--- -----
created_time 2025-12-01T15:13:19.766147381Z
custom_metadata <nil>
deletion_time n/a
destroyed false
version 1
====== Data ======
Key Value
--- -----
password super-secret-password
username vault-userSecret 삭제(delete)
vault kv delete kv/my-applicationSuccess! Data deleted (if it existed) at: kv/data/my-applicationKV v1 REST API로 조회
curl -s \
--header "X-Vault-Token: $VAULT_TOKEN" \
--request GET \
$VAULT_ADDR/v1/kv/data/my-application | jq .{
"request_id": "2524a6e6-3f48-ddd1-d4bc-453a348e88ad",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": {
"data": {
"password": "super-secret-password",
"username": "vault-user"
},
"metadata": {
"created_time": "2025-12-01T15:15:39.645745127Z",
"custom_metadata": null,
"deletion_time": "",
"destroyed": false,
"version": 2
}
},
"wrap_info": null,
"warnings": null,
"auth": null,
"mount_type": "kv"
}
728x90
반응형
'리눅스' 카테고리의 다른 글
| hashicorp Vault KV 엔진 (0) | 2025.12.01 |
|---|---|
| MySQL 8.4에서 root 사용자의 원격 접속을 허용하는 방법 (0) | 2025.12.01 |
| 우분투 22.04에서 Vault CLI를 설치하는 방법 (0) | 2025.11.28 |
| 우분투 24.04 서버에서 updo를 설치하는 방법 (0) | 2025.11.26 |
| 우분투 24.04 서버에서 Uptime Kuma를 설치하는 방법 (0) | 2025.11.26 |
