Skip to content

Commit

Permalink
KYLO-2230 Credential store implementation with Vault, developer setup…
Browse files Browse the repository at this point in the history
… for Vault
  • Loading branch information
uralovs committed Jul 23, 2018
1 parent b7819b1 commit 917d186
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 1 deletion.
26 changes: 26 additions & 0 deletions developer-guides/KyloDeveloperGuide.rst
Original file line number Diff line number Diff line change
Expand Up @@ -297,6 +297,32 @@ There are a few notes worth mentioning about using AngularJS Material:

3. Do not use ``flex`` element where you don't have to. Browsers will usually flex elements correctly. This is to minimise the occurrence of ``flex`` being required by Safari while breaking layout on IE.


Vault Development
-----------------

:doc:`Vault <../security/Vault>` will not be in use if you are running from IDE because it is a plugin and should be explicitly added to kylo-services class path.
You don’t normally need Vault unless working with passwords. Kylo will work fine without this plugin on class path.

If you decide to run with Vault from IDE then:

- Add Vault to class path by adding ``catalog-credential-vault`` to kylo-services ``pom.xml`` or otherwise updating kylo-services module’s dependencies in IDE

- :ref:`Install Vault in VM <install_vault>`

- Start Vault in VM with ``service vault start``

- Forward port 8200 to VM

- Copy ``kylo-vault-keystore.jks`` and ``kylo-vault-truststore.jks`` from ``/opt/kylo/ssl`` on VM to your box and update ``vault.keyStoreDirectory`` and ``vault.trustStoreDirectory`` in local ``application.properties``

- Copy values of ``vault.keyStorePassword`` and ``vault.trustStorePassword`` from ``application.properties`` on VM to ``application.properties`` on local box

- Start Kylo services




.. |AngularJsLink| raw:: html

<a href="https://code.angularjs.org/1.6.2/docs/guide" target="_blank">AngularJS</a>
Expand Down
2 changes: 1 addition & 1 deletion installation/KyloApplicationProperties.rst
Original file line number Diff line number Diff line change
Expand Up @@ -369,7 +369,7 @@ These properties allow Kylo to interact with Vault
+------------------------------+-------------------------------------------+----------------------------------------------------------------------------------------------------------------+
| vault.root | secrets/kylo/catalog/datasource | Path in Vault where Kylo will store secrets |
+------------------------------+-------------------------------------------+----------------------------------------------------------------------------------------------------------------+
| vault.token | randomly value generated | Either vault.token or vault.keyStore*, but not both, is used for authentication with Vault |
| vault.token | randomly value generated | Either vault.token or vault.keyStore*, but not both, is used for authentication with Vault |
+------------------------------+-------------------------------------------+----------------------------------------------------------------------------------------------------------------+
| vault.keyStoreDirectory | /opt/kylo/ssl | |
+------------------------------+-------------------------------------------+----------------------------------------------------------------------------------------------------------------+
Expand Down

0 comments on commit 917d186

Please sign in to comment.