In Linux Operating system, full disk encryption could be achieved by various solutions: encryptfs, dm-crypt, cryptsetup… While a step-by-step setup of disk/partition encryption can be referred from official documentation, integration disk encryption with Key Management solution like Hashicorp Vault is unobvious. Fortunately, there are a package named vaultlocker in Ubuntu Universe repository that ease this integration. I decided to spend my free time to make cryptsetup work with Vault. Notes: A similar request has been made to Cryptsetup but it goes outside of cryptsetup so it was closed. 1. Install Vault As JuJu charm store has working Vault/MySQL charms, Vault deployment is as simple and easy as following commands $ juju deploy percona-cluster $ juju deploy vault $ juju relate vault:shared-db percona-cluster Vault needs to be initialized and unsealed before it can provide its secure services. I followed below steps to initialize Vault $ juju ssh vault/0 $ export VAU
Comments