HashiCorpVault/HashiCorpVault.json

{"status":{},"spec":{"description":"After the blueprint changes to a RUNNING state, open up a terminal and run the following commands:\n\nexport VAULT_IP=\"@@{Vault.address[0]}@@\"\n\ncurl --request PUT --data \"{\\\n  \\\\\"secret_shares\\\\\": @@{secret_shares}@@,\\\n  \\\\\"secret_threshold\\\\\": @@{secret_threshold}@@\\\n}\" \"http:\/\/$VAULT_IP\\:8200\/v1\/sys\/init\"\n\nYour keys and root token will be returned, which should be saved in a safe place.   Then, from the Application Manage tab, run the \"Unseal\" action **@@{secret_threshold}@@** times, providing a unique key each time.","resources":{"client_attrs":{"None":{"y":440.5,"x":772.75},"5427f389_deployment":{"y":448,"x":471},"5427f389_deployment_cloned_0":{"y":453,"x":823}},"service_definition_list":[{"singleton":false,"action_list":[{"description":"System action for creating an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"0ef301a7_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"ac30985c_runbook","main_task_local_reference":{"kind":"app_task","name":"0ef301a7_dag"},"variable_list":[]},"name":"action_create"},{"description":"System action for deleting an application. Deletes created VMs as well","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"bac59b8a_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"74ac7ebc_runbook","main_task_local_reference":{"kind":"app_task","name":"bac59b8a_dag"},"variable_list":[]},"name":"action_delete"},{"description":"System action for starting an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"a8718711_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"426e7e42_runbook","main_task_local_reference":{"kind":"app_task","name":"a8718711_dag"},"variable_list":[]},"name":"action_start"},{"description":"System action for stopping an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"a6a80bc0_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"e55fdb5d_runbook","main_task_local_reference":{"kind":"app_task","name":"a6a80bc0_dag"},"variable_list":[]},"name":"action_stop"},{"description":"System action for restarting an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"6007590a_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"ff93e701_runbook","main_task_local_reference":{"kind":"app_task","name":"6007590a_dag"},"variable_list":[]},"name":"action_restart"}],"depends_on_list":[],"name":"Consul","port_list":[],"tier":"","variable_list":[],"description":""},{"singleton":false,"action_list":[{"description":"System action for creating an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[{"kind":"app_task","name":"1CreateConfigFiles"},{"kind":"app_task","name":"2SetupConsulSystemd"},{"kind":"app_task","name":"3VerifyConsulCluster"},{"kind":"app_task","name":"4SetupVaultSystemd"}],"name":"0ef301a7_dag_cloned_1","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"1CreateConfigFiles"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"2SetupConsulSystemd"}},{"from_task_reference":{"kind":"app_task","name":"2SetupConsulSystemd"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"3VerifyConsulCluster"}},{"from_task_reference":{"kind":"app_task","name":"3VerifyConsulCluster"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"4SetupVaultSystemd"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"1CreateConfigFiles","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# create the users and set up the directories\nsudo useradd -M consul\nsudo usermod -L consul\nsudo useradd -M vault\nsudo usermod -L vault\nsudo mkdir \/var\/consul \/var\/consul\/data \/usr\/local\/etc\/consul \/etc\/vault\nsudo chown consul:consul \/var\/consul \/var\/consul\/data \/usr\/local\/etc\/consul\n\n# set up the host variables\nhosts=$(echo \"@@{ConsulAHV.address}@@\" | tr \",\" \"\\n\")\ncounter=0\nfor host in $hosts; do\n  declare host${counter}=$host\n  counter=$((counter + 1))\ndone\n\n# create the consul config file\nsudo touch \/usr\/local\/etc\/consul\/client_agent.json\nsudo chown centos:centos \/usr\/local\/etc\/consul\/client_agent.json\ncat << EOF > \/usr\/local\/etc\/consul\/client_agent.json\n{\n  \"server\": false,\n  \"node_name\": \"consul_c@@{AZ_INT(calm_array_index) + 1}@@\",\n  \"datacenter\": \"dc1\",\n  \"data_dir\": \"\/var\/consul\/data\",\n  \"bind_addr\": \"@@{address}@@\",\n  \"client_addr\": \"127.0.0.1\",\n  \"retry_join\": [\"${host0}\", \"${host1}\", \"${host2}\"],\n  \"log_level\": \"DEBUG\",\n  \"enable_syslog\": true,\n  \"acl_enforce_version_8\": false\n}\nEOF\nsudo chown consul:consul \/usr\/local\/etc\/consul\/client_agent.json\n\n# create the vault config file\nsudo touch \/etc\/vault\/vault_server.hcl\nsudo chown centos:centos \/etc\/vault\/vault_server.hcl\ncat << EOF > \/etc\/vault\/vault_server.hcl\nui = @@{ui}@@\n\nlistener \"tcp\" {\n  address          = \"0.0.0.0:8200\"\n  cluster_address  = \"@@{address}@@:8201\"\n  tls_disable      = \"true\"\n}\n\nstorage \"consul\" {\n  address = \"127.0.0.1:8500\"\n  path    = \"vault\/\"\n}\n\napi_addr = \"http:\/\/@@{address}@@:8200\"\ncluster_addr = \"https:\/\/@@{address}@@:8201\"\nEOF\nsudo chown vault:vault \/etc\/vault\/vault_server.hcl","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"2SetupConsulSystemd","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# create the unit file\necho '### BEGIN INIT INFO\n# Provides:          consul\n# Required-Start:    $local_fs $remote_fs\n# Required-Stop:     $local_fs $remote_fs\n# Default-Start:     2 3 4 5\n# Default-Stop:      0 1 6\n# Short-Description: Consul agent\n# Description:       Consul service discovery framework\n### END INIT INFO\n\n[Unit]\nDescription=Consul client agent\nRequires=network-online.target\nAfter=network-online.target\n\n[Service]\nUser=consul\nGroup=consul\nPIDFile=\/var\/run\/consul\/consul.pid\nPermissionsStartOnly=true\nExecStartPre=-\/bin\/mkdir -p \/var\/run\/consul\nExecStartPre=\/bin\/chown -R consul:consul \/var\/run\/consul\nExecStart=\/usr\/local\/bin\/consul agent \\\n    -config-file=\/usr\/local\/etc\/consul\/client_agent.json \\\n    -pid-file=\/var\/run\/consul\/consul.pid\nExecReload=\/bin\/kill -HUP $MAINPID\nKillMode=process\nKillSignal=SIGTERM\nRestart=on-failure\nRestartSec=42s\n\n[Install]\nWantedBy=multi-user.target' | sudo tee \/etc\/systemd\/system\/consul.service\n\n# reload daemons and start service\nsudo systemctl daemon-reload\nsudo systemctl start consul\nsudo systemctl enable consul\nsudo systemctl status consul","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"3VerifyConsulCluster","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\nsleep 30\n\nconsul members","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"4SetupVaultSystemd","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# create the unit file\necho '### BEGIN INIT INFO\n# Provides:          vault\n# Required-Start:    $local_fs $remote_fs\n# Required-Stop:     $local_fs $remote_fs\n# Default-Start:     2 3 4 5\n# Default-Stop:      0 1 6\n# Short-Description: Vault server\n# Description:       Vault secret management tool\n### END INIT INFO\n\n[Unit]\nDescription=Vault secret management tool\nRequires=network-online.target\nAfter=network-online.target\n\n[Service]\nUser=vault\nGroup=vault\nPIDFile=\/var\/run\/vault\/vault.pid\nExecStart=\/usr\/local\/bin\/vault server -config=\/etc\/vault\/vault_server.hcl -log-level=debug\nExecReload=\/bin\/kill -HUP $MAINPID\nKillMode=process\nKillSignal=SIGTERM\nRestart=on-failure\nRestartSec=42s\nLimitMEMLOCK=infinity\n\n[Install]\nWantedBy=multi-user.target' | sudo tee \/etc\/systemd\/system\/vault.service\n\n# reload daemons and start service\nsudo systemctl daemon-reload\nsudo systemctl start vault\nsudo systemctl enable vault\nsudo systemctl status vault","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"ac30985c_runbook_cloned_0","main_task_local_reference":{"kind":"app_task","name":"0ef301a7_dag_cloned_1"},"variable_list":[]},"name":"action_create"},{"description":"System action for deleting an application. Deletes created VMs as well","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"bac59b8a_dag_cloned_1","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"74ac7ebc_runbook_cloned_0","main_task_local_reference":{"kind":"app_task","name":"bac59b8a_dag_cloned_1"},"variable_list":[]},"name":"action_delete"},{"description":"System action for starting an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"a8718711_dag_cloned_1","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"426e7e42_runbook_cloned_0","main_task_local_reference":{"kind":"app_task","name":"a8718711_dag_cloned_1"},"variable_list":[]},"name":"action_start"},{"description":"System action for stopping an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"a6a80bc0_dag_cloned_1","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"e55fdb5d_runbook_cloned_0","main_task_local_reference":{"kind":"app_task","name":"a6a80bc0_dag_cloned_1"},"variable_list":[]},"name":"action_stop"},{"description":"System action for restarting an application","type":"system","critical":false,"runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"6007590a_dag_cloned_1","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"ff93e701_runbook_cloned_0","main_task_local_reference":{"kind":"app_task","name":"6007590a_dag_cloned_1"},"variable_list":[]},"name":"action_restart"}],"depends_on_list":[{"kind":"app_service","name":"Consul"}],"name":"Vault","port_list":[],"tier":"","variable_list":[],"description":""}],"substrate_definition_list":[{"description":"","action_list":[],"type":"AHV_VM","name":"ConsulAHV","readiness_probe":{"connection_type":"SSH","retries":"5","disable_readiness_probe":false,"address":"@@{platform.status.resources.nic_list[0].ip_endpoint_list[0].ip}@@","delay_secs":"60","connection_port":22,"login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"editables":{"create_spec":{"resources":{"nic_list":{},"serial_port_list":{},"disk_list":{}}}},"os_type":"Linux","create_spec":{"name":"consul-@@{calm_array_index}@@-@@{calm_time}@@","resources":{"nic_list":[{"nic_type":"NORMAL_NIC","ip_endpoint_list":[],"network_function_chain_reference":null,"network_function_nic_type":"INGRESS","mac_address":"","subnet_reference":{"kind":"subnet","type":"","name":"","uuid":"0e26c135-d478-428e-9fb8-22c0acfa5f3a"},"type":""}],"serial_port_list":[],"guest_tools":null,"num_vcpus_per_socket":1,"num_sockets":2,"gpu_list":[],"memory_size_mib":4096,"parent_reference":null,"hardware_clock_timezone":"","guest_customization":{"cloud_init":{"meta_data":"","type":"","user_data":"#cloud-config\nusers:\n  - name: centos\n    ssh-authorized-keys:\n      - @@{INSTANCE_PUBLIC_KEY}@@\n    sudo: ['ALL=(ALL) NOPASSWD:ALL']"},"type":"","sysprep":null},"power_state":"ON","type":"","boot_config":{"boot_device":{"type":"","disk_address":{"type":"","device_index":0,"adapter_type":"SCSI"}},"type":"","mac_address":""},"disk_list":[{"data_source_reference":{"kind":"app_package","type":"","name":"Centos_7_Cloud","uuid":"376d4d8c-6663-4166-b847-e40e1a8f8454"},"type":"","disk_size_mib":0,"volume_group_reference":null,"device_properties":{"type":"","disk_address":{"type":"","device_index":0,"adapter_type":"SCSI"},"device_type":"DISK"}}]},"availability_zone_reference":null,"backup_policy":null,"type":"","cluster_reference":null,"categories":""},"variable_list":[]},{"description":"","action_list":[],"type":"AHV_VM","name":"VaultAHV","readiness_probe":{"connection_type":"SSH","retries":"5","disable_readiness_probe":false,"address":"@@{platform.status.resources.nic_list[0].ip_endpoint_list[0].ip}@@","delay_secs":"60","connection_port":22,"login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"editables":{"create_spec":{"resources":{"nic_list":{},"serial_port_list":{},"disk_list":{}}}},"os_type":"Linux","create_spec":{"name":"vault-@@{calm_array_index}@@-@@{calm_time}@@","resources":{"nic_list":[{"nic_type":"NORMAL_NIC","ip_endpoint_list":[],"network_function_chain_reference":null,"network_function_nic_type":"INGRESS","mac_address":"","subnet_reference":{"kind":"subnet","type":"","name":"","uuid":"0e26c135-d478-428e-9fb8-22c0acfa5f3a"},"type":""}],"serial_port_list":[],"guest_tools":null,"num_vcpus_per_socket":1,"num_sockets":2,"gpu_list":[],"memory_size_mib":4096,"parent_reference":null,"hardware_clock_timezone":"","guest_customization":{"cloud_init":{"meta_data":"","type":"","user_data":"#cloud-config\nusers:\n  - name: centos\n    ssh-authorized-keys:\n      - @@{INSTANCE_PUBLIC_KEY}@@\n    sudo: ['ALL=(ALL) NOPASSWD:ALL']"},"type":"","sysprep":null},"power_state":"ON","type":"","boot_config":{"boot_device":{"type":"","disk_address":{"type":"","device_index":0,"adapter_type":"SCSI"}},"type":"","mac_address":""},"disk_list":[{"data_source_reference":{"kind":"app_package","type":"","name":"Centos_7_Cloud","uuid":"376d4d8c-6663-4166-b847-e40e1a8f8454"},"type":"","disk_size_mib":0,"volume_group_reference":null,"device_properties":{"type":"","disk_address":{"type":"","device_index":0,"adapter_type":"SCSI"},"device_type":"DISK"}}]},"availability_zone_reference":null,"backup_policy":null,"type":"","cluster_reference":null,"categories":""},"variable_list":[]}],"credential_definition_list":[{"username":"centos","description":"","type":"KEY","secret":{"attrs":{"is_secret_modified":false,"secret_reference":{}}},"name":"CentOS_Key"}],"package_definition_list":[{"description":"","action_list":[],"type":"DEB","service_local_reference_list":[{"kind":"app_service","name":"Consul"}],"name":"ConsulPackage","version":"","options":{"install_runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_package","name":"ConsulPackage"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[{"kind":"app_task","name":"1InstallSoftware"},{"kind":"app_task","name":"2CreateConfigFile"},{"kind":"app_task","name":"3SetupSystemd"}],"name":"d7e86f4a_dag","state":"ACTIVE","attrs":{"edges":[{"from_task_reference":{"kind":"app_task","name":"1InstallSoftware"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"2CreateConfigFile"}},{"from_task_reference":{"kind":"app_task","name":"2CreateConfigFile"},"edge_type":"user_defined","type":"","to_task_reference":{"kind":"app_task","name":"3SetupSystemd"}}],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"1InstallSoftware","state":"ACTIVE","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# yum update and package installation\nsudo yum update -y\nsudo yum install -y unzip wget\n\n# get the consul binary and put it in the proper location\nwget https:\/\/releases.hashicorp.com\/consul\/1.4.1\/consul_1.4.1_linux_amd64.zip\nunzip consul_1.4.1_linux_amd64.zip\nrm consul_1.4.1_linux_amd64.zip\nsudo mv consul \/usr\/local\/bin\/.\nsudo chown root:root \/usr\/local\/bin\/consul\nsudo chcon -u system_u -t bin_t \/usr\/local\/bin\/consul","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"2CreateConfigFile","state":"ACTIVE","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# create the user and set up the directories\nsudo useradd -M consul\nsudo usermod -L consul\nsudo mkdir \/var\/consul \/var\/consul\/data \/usr\/local\/etc\/consul\nsudo chown consul:consul \/var\/consul \/var\/consul\/data \/usr\/local\/etc\/consul\n\n# set up the host variables\nhosts=$(echo \"@@{ConsulAHV.address}@@\" | tr \",\" \"\\n\")\ncounter=0\nfor host in $hosts; do\n  declare host${counter}=$host\n  counter=$((counter + 1))\ndone\n\n# create the config file\nsudo touch \/usr\/local\/etc\/consul\/server_agent.json\nsudo chown centos:centos \/usr\/local\/etc\/consul\/server_agent.json\ncat << EOF > \/usr\/local\/etc\/consul\/server_agent.json\n{\n  \"server\": true,\n  \"node_name\": \"consul_s@@{AZ_INT(calm_array_index) + 1}@@\",\n  \"datacenter\": \"dc1\",\n  \"data_dir\": \"\/var\/consul\/data\",\n  \"bind_addr\": \"0.0.0.0\",\n  \"client_addr\": \"0.0.0.0\",\n  \"advertise_addr\": \"@@{address}@@\",\n  \"bootstrap_expect\": 3,\n  \"retry_join\": [\"${host0}\", \"${host1}\", \"${host2}\"],\n  \"ui\": true,\n  \"log_level\": \"DEBUG\",\n  \"enable_syslog\": true,\n  \"acl_enforce_version_8\": false\n}\nEOF\nsudo chown consul:consul \/usr\/local\/etc\/consul\/server_agent.json","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Consul"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"3SetupSystemd","state":"ACTIVE","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# create the unit file\necho '### BEGIN INIT INFO\n# Provides:          consul\n# Required-Start:    $local_fs $remote_fs\n# Required-Stop:     $local_fs $remote_fs\n# Default-Start:     2 3 4 5\n# Default-Stop:      0 1 6\n# Short-Description: Consul agent\n# Description:       Consul service discovery framework\n### END INIT INFO\n\n[Unit]\nDescription=Consul server agent\nRequires=network-online.target\nAfter=network-online.target\n\n[Service]\nUser=consul\nGroup=consul\nPIDFile=\/var\/run\/consul\/consul.pid\nPermissionsStartOnly=true\nExecStartPre=-\/bin\/mkdir -p \/var\/run\/consul\nExecStartPre=\/bin\/chown -R consul:consul \/var\/run\/consul\nExecStart=\/usr\/local\/bin\/consul agent \\\n    -config-file=\/usr\/local\/etc\/consul\/server_agent.json \\\n    -pid-file=\/var\/run\/consul\/consul.pid\nExecReload=\/bin\/kill -HUP $MAINPID\nKillMode=process\nKillSignal=SIGTERM\nRestart=on-failure\nRestartSec=42s\n\n[Install]\nWantedBy=multi-user.target' | sudo tee \/etc\/systemd\/system\/consul.service\n\n# reload daemons and start service\nsudo systemctl daemon-reload\nsudo systemctl start consul\nsudo systemctl enable consul\nsudo systemctl status consul","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"530745b3_runbook","state":"ACTIVE","main_task_local_reference":{"kind":"app_task","name":"d7e86f4a_dag"},"message_list":[],"variable_list":[]},"type":"","uninstall_runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_package","name":"ConsulPackage"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"1604a1bd_dag","state":"ACTIVE","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"4fe5f035_runbook","state":"ACTIVE","main_task_local_reference":{"kind":"app_task","name":"1604a1bd_dag"},"message_list":[],"variable_list":[]}},"variable_list":[]},{"description":"CentOS 7 Cloud Disk Image","action_list":[],"type":"SUBSTRATE_IMAGE","service_local_reference_list":[],"name":"Centos_7_Cloud","version":"","options":{"type":"","name":"Centos_7","resources":{"image_type":"DISK_IMAGE","checksum":{"checksum_algorithm":"","type":"","checksum_value":""},"source_uri":"http:\/\/download.nutanix.com\/calm\/CentOS-7-x86_64-GenericCloud.qcow2","version":{"product_version":"7","type":"","product_name":"CentOS"},"architecture":"X86_64","type":""},"description":""},"variable_list":[]},{"description":"","action_list":[],"type":"DEB","service_local_reference_list":[{"kind":"app_service","name":"Vault"}],"name":"VaultPackage","version":"","options":{"install_runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_package","name":"VaultPackage"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[{"kind":"app_task","name":"1InstallSoftware"}],"name":"d7e86f4a_dag_cloned_1","state":"ACTIVE","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"1InstallSoftware","state":"ACTIVE","attrs":{"exit_status":[],"script":"#!\/bin\/bash\nset -ex\n\n# yum update and package installation\nsudo yum update -y\nsudo yum install -y unzip wget\n\n# get the consul and vault binaries and put them in the proper locations\nwget https:\/\/releases.hashicorp.com\/consul\/1.4.1\/consul_1.4.1_linux_amd64.zip\nwget https:\/\/releases.hashicorp.com\/vault\/1.0.2\/vault_1.0.2_linux_amd64.zip\nunzip consul_1.4.1_linux_amd64.zip\nunzip vault_1.0.2_linux_amd64.zip\nrm consul_1.4.1_linux_amd64.zip vault_1.0.2_linux_amd64.zip\nsudo mv consul vault \/usr\/local\/bin\/.\nsudo chown root:root \/usr\/local\/bin\/consul \/usr\/local\/bin\/vault\nsudo chcon -u system_u -t bin_t \/usr\/local\/bin\/consul \/usr\/local\/bin\/vault","script_type":"sh","type":"","command_line_args":"","login_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"}},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"530745b3_runbook_cloned_0","state":"ACTIVE","main_task_local_reference":{"kind":"app_task","name":"d7e86f4a_dag_cloned_1"},"message_list":[],"variable_list":[]},"type":"","uninstall_runbook":{"task_definition_list":[{"target_any_local_reference":{"kind":"app_package","name":"VaultPackage"},"retries":"0","description":"","message_list":[],"child_tasks_local_reference_list":[],"name":"1604a1bd_dag_cloned_1","state":"ACTIVE","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]}],"description":"","name":"4fe5f035_runbook_cloned_0","state":"ACTIVE","main_task_local_reference":{"kind":"app_task","name":"1604a1bd_dag_cloned_1"},"message_list":[],"variable_list":[]}},"variable_list":[]}],"app_profile_list":[{"deployment_create_list":[{"type":"GREENFIELD","action_list":[],"depends_on_list":[],"name":"5427f389_deployment","published_service_local_reference_list":[],"max_replicas":"3","package_local_reference_list":[{"kind":"app_package","name":"ConsulPackage"}],"substrate_local_reference":{"kind":"app_substrate","name":"ConsulAHV"},"min_replicas":"3","variable_list":[],"description":""},{"type":"GREENFIELD","action_list":[],"depends_on_list":[],"name":"5427f389_deployment_cloned_0","published_service_local_reference_list":[],"max_replicas":"2","package_local_reference_list":[{"kind":"app_package","name":"VaultPackage"}],"substrate_local_reference":{"kind":"app_substrate","name":"VaultAHV"},"min_replicas":"2","variable_list":[],"description":""}],"description":"","action_list":[{"description":"","type":"user","critical":false,"runbook":{"task_definition_list":[{"retries":"0","description":"","child_tasks_local_reference_list":[{"kind":"app_task","name":"UnsealVault"}],"name":"d44fe425_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"UnsealVault","attrs":{"script":"# Set the headers, and url\nheaders = {'Content-Type': 'application\/json', 'Accept': 'application\/json'}\nurl     = \"http:\/\/@@{address}@@:8200\/v1\/sys\/unseal\"\n\n# Set the payload\npayload = {\n  \"key\": \"@@{Key}@@\"\n}\n\n# Make the request\nresp = urlreq(url, verb='PUT', params=json.dumps(payload), headers=headers)\n\n# If the request went through correctly, print it out.  Otherwise error out, and print the response.\nif resp.ok:\n  print json.dumps(json.loads(resp.content), indent=4)\nelse:\n  print \"Put request failed\", resp.content\n  exit(1)\n\n# Print a message stating the vault is unsealed\nif json.loads(resp.content)['sealed'] == False:\n  print \"===========================\"\n  print \"Vault successfully unsealed\"\n  print \"===========================\"\n  exit(0)\n\n# If the vault is still sealed, let the user know the number of keys remaining\nelse:\n  print \"========================================\"\n  print str(json.loads(resp.content)['t']-json.loads(resp.content)['progress']) + \" key(s) remaining until vault unsealed.\"\n  print \"========================================\"\n  exit(0)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"08e9ef8a_runbook","main_task_local_reference":{"kind":"app_task","name":"d44fe425_dag"},"variable_list":[{"val_type":"STRING","description":"","name":"Key","type":"SECRET","value":"","label":"","attrs":{"is_secret_modified":false,"secret_reference":{},"type":""},"editables":{"value":true}}]},"name":"Unseal"},{"description":"","type":"user","critical":false,"runbook":{"task_definition_list":[{"retries":"0","description":"","child_tasks_local_reference_list":[{"kind":"app_task","name":"SealVault"}],"name":"1d4a89f5_dag","attrs":{"edges":[],"type":""},"timeout_secs":"0","type":"DAG","variable_list":[]},{"target_any_local_reference":{"kind":"app_service","name":"Vault"},"retries":"0","description":"","child_tasks_local_reference_list":[],"name":"SealVault","attrs":{"script":"# Set the headers, and url\nheaders = {'Content-Type': 'application\/json', 'Accept': 'application\/json',\n           'X-Vault-Token': '@@{RootToken}@@'}\nurl     = \"http:\/\/@@{address}@@:8200\/v1\/sys\/seal\"\n\n# Make the request\nresp = urlreq(url, verb='PUT', headers=headers)\n  \n# If the request went through correctly, print it out.  Otherwise error out, and print the response.\nif resp.ok:\n  print \"==========================\"\n  print \"Vault successfully sealed.\"\n  print \"==========================\"\n  exit(0)\nelse:\n  print \"Put request failed\", resp.content\n  exit(1)","type":"","command_line_args":"","exit_status":[],"script_type":"static"},"timeout_secs":"0","type":"EXEC","variable_list":[]}],"description":"","name":"09b40569_runbook","main_task_local_reference":{"kind":"app_task","name":"1d4a89f5_dag"},"variable_list":[{"val_type":"STRING","description":"","name":"RootToken","type":"SECRET","value":"","label":"","attrs":{"is_secret_modified":false,"secret_reference":{},"type":""},"editables":{"value":true}}]},"name":"Seal"}],"name":"Default","variable_list":[{"val_type":"STRING","description":"","name":"INSTANCE_PUBLIC_KEY","type":"LOCAL","value":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDptZXj7ax09bruQT84r4XX4vPdQABaNO4fwf9SxEMj3sZ2YSdaApdrARpYb5XnlvCWpco2CVZIimbzIJe6el9KKGwteOxwt9oFu7VrohXCRruytDikuFz22EN0vnM3qjotGzsKCJSo7biR6+V484YS+1uYhaEBC7gQfaJeBuIHOdQHAuf+KPWsz69c7eQK7poQecOcu5nhnDZ\/\/2tbg3WTlrqk+GUEjknTzWfx8g0A2rya5aVmMgKJoDVYpCyLP+2j1iZt1ZEeNbHAJ1zRtw9G4ZQFvY4mAVSA08XBuBtMBTo6WCeqvVSsxNZDinDNqjvFaM3LD+lIYZrR9c5rI61p centos@example.com","label":"","attrs":{"type":""}},{"val_type":"STRING","description":"","name":"ui","type":"LOCAL","value":"true","label":"","attrs":{"type":""},"editables":{"value":true}},{"val_type":"STRING","description":"","name":"secret_shares","type":"LOCAL","value":"5","label":"","attrs":{"type":""},"editables":{"value":true}},{"val_type":"STRING","description":"","name":"secret_threshold","type":"LOCAL","value":"3","label":"","attrs":{"type":""},"editables":{"value":true}}]}],"published_service_definition_list":[],"default_credential_local_reference":{"kind":"app_credential","name":"CentOS_Key"},"type":"USER"},"name":"HashiCorpVault"},"api_version":"3.0","metadata":{"last_update_time":"1552066076117153","kind":"blueprint","spec_version":7,"creation_time":"1552058115177578","name":"HashiCorpVault"}}