1. SETUP A CONJUR OSS ENVIRONMENT
In this unit you will learn how to install Conjur OpenSource using Docker.
At the end of this section:
You will have a working Conjur OSS environment with a Conjur account and an admin user.
Open a terminal session and browse to conjur-quickstart. Pull the Docker images defined in docker-compose.yml:
When the required images are successfully pulled, the terminal returns the following:
Pulling openssl ... done
Pulling bot_app ... done
Pulling database ... done
Pulling conjur ... done
Pulling proxy ... done
Pulling client ... done
The master data key will be used later to encrypt the database.
In the working directory, generate the key and store it to a file:
* Tip: Although not mandatory, we prefer to store sensitive data to a file and not to display it directly on console screen.
The data key is generated in the working directory and is stored in a file called data_key.
When the key is generated, the terminal returns the following:
Creating network "conjur-quickstart_default" with the default driver
Load data_key file content (the master data key) as an environment variable:
Start the Conjur OSS environment:
When Conjur OSS starts, the terminal returns the following:
Creating postgres_database ... done
Creating bot_app ... done
Creating openssl ... done
Creating conjur_server ... done
Creating nginx_proxy ... done
Creating conjur_client ... done
Run the following command to see a list of running containers:
Create a Conjur account and initialize the built-in admin user.
An account named myConjurAccount is created and the admin user is initialized, following keys are created and stored at admin_data file:
- admin user API key. Later on, we will use this key to log in to Conjur.
myConjurAccountConjur account public key.
This is a one-time action. For the duration of the container’s life or until additional initcommand is issued, the Conjur client and the Conjur server remain connected.
Use the account name You will be prompted to trust the TLS certificate of the Conjur server. Type `y` to trust the certificate.
The terminal returns the following output:
Wrote configuration to /root/.conjurrc