How To Install Hashicorp Vault on Ubuntu 18.04 LTS

Install Hashicorp Vault on Ubuntu 18.04 LTS

In this tutorial, we will show you how to install Hashicorp Vault on Ubuntu 18.04 LTS. For those of you who didn’t know, Vault is an open-source tool that provides a secure, reliable way to store and distribute secrets like API keys, access tokens, and passwords. Software like Vault can be critically important when deploying applications that require the use of secrets or sensitive data.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation of Hashicorp Vault on an Ubuntu 18.04 Bionic Beaver server.

Install Hashicorp Vault on Ubuntu 18.04 LTS Bionic Beaver

Step 1. First, make sure that all your system packages are up-to-date by running these following apt-get commands in the terminal.

sudo apt update
sudo apt upgrade

Step 2. Installing Consul.

First, go to the Consul download page.  Right-click the link for Linux 64-bit and select ‘copy link address’ or whatever the similar option is for your browser:

wget https://releases.hashicorp.com/consul/1.3.0/consul_1.3.0_linux_amd64.zip
unzip consul_1.3.0_linux_amd64.zip
mv consul /usr/bin

Next, run Consul as a service so we need to configure a SystemD service for Consul:

nano /etc/systemd/system/consul.service
[Unit]
Description=Consul
Documentation=https://www.consul.io/

[Service]
ExecStart=/usr/bin/consul agent -server -ui -data-dir=/tmp/consul -bootstrap-expect=1 -node=vault -bind=192.168.1.28 -config-dir=/etc/consul.d/
ExecReload=/bin/kill -HUP $MAINPID
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

Next we need to add some configuration so that we can access the Consul GUI from our network:

mkdir /etc/consul.d/

Then, create a new file /etc/consul.d/ui.json and add the following file:

nano /etc/consul.d/ui.json
{
  "addresses": {
    "http": "0.0.0.0"
  }
}

Now we are ready to start the Consul Service:

systemctl daemon-reload
systemctl start consul
systemctl enable consul

Verify that our Consul Service:

root@ramona:~# consul members
Node   Address            Status  Type    Build  Protocol  DC   Segment
vault  192.168.1.28:8301  alive   server  1.3.0  2         dc1  <all>

Step 3. Installing Vault on Ubuntu 18.04.

First, go to the Vault Downloads page and copy the URL just like we did for Consul:

wget https://releases.hashicorp.com/vault/0.11.4/vault_0.11.4_linux_amd64.zip
unzip vault_0.11.4_linux_amd64.zip
mv vault /usr/bin

Next, Create a configuration directory /etc/vault:

mkdir /etc/vault

Then, create a new file /etc/vault/config.hcl with the following contents:

storage "consul" {
  address = "127.0.0.1:8500"
  path    = "vault/"
}

listener "tcp" {
 address     = "192.168.1.28:8200"
 tls_disable = 1
}

ui = true

Now we need to create the SystemD Service for the vault:

nano /etc/systemd/system/vault.service
[Unit]
Description=Vault
Documentation=https://www.vault.io/

[Service]
ExecStart=/usr/bin/vault server -config=/etc/vault/config.hcl
ExecReload=/bin/kill -HUP $MAINPID
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target

Next, we need to start the Vault Service:

systemctl daemon-reload
systemctl start vault
systemctl enable vault

To enable the CLI to connect to our Vault service run this command:

export VAULT_ADDR=http://192.168.1.28:8200

After Vault starts we need to initialize it. This only has to be done once or when you change storage backends for some reason:

vault operator init

Congratulations! You have successfully installed Vault. Thanks for using this tutorial for installing Hashicorp Vault in Ubuntu 18.04 LTS system. For additional help or useful information, we recommend you to check the official Vault website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!