Vault Plugin Functional in Development Server but Not in Production Environment

Hello,

I’m attempting to use a Vault plugin available at this GitHub repository. On a development server, the plugin operates correctly when I start the server with the following command:

```bash
vault server -dev -dev-root-token-id=root -dev-plugin-dir=./etc/vault.d/plugins
```

After initiating the server, I execute these steps:

```bash
vault secrets enable boundary

vault write boundary/config \
    addr="http://hcp-boundary-address:9200" \
    login_name=admin-username \
    password=admin-password \
    auth_method_id=auth-method-id
...
```

However, when I try to use the plugin on my production instance with the same plugin binary and Vault binary, setting the plugin directory as:

```hcl
# Vault config file
plugin_directory = "/etc/vault.d/plugins"
```

And registering the plugin with:

```bash
vault plugin register -version=v1.0.2 -sha256=eef52103d13ce6fc3d777a1a3a5784f51493f883474ab96fee07c5b70b091f17 secret /boundary
```

Following the same steps as in the development environment, I encounter an error when running the `vault write boundary/config` command:

```log
2024-01-07T15:54:50.026Z [ERROR] rollback: error rolling back: path=boundary/
  error=
  | Unrecognized remote plugin message:
  | Failed to read any lines from plugin's stdout
  | This usually means
  |   the plugin was not compiled for this architecture,
  |   the plugin is missing dynamic-link libraries necessary to run,
  |   the plugin is not executable by this process due to file permissions, or
  |   the plugin failed to negotiate the initial go-plugin protocol handshake
  |
  | Additional notes about plugin:
  |   Path: /etc/vault.d/plugins/boundary
  |   Mode: -rwxrwxrwx
  |   Owner: 0 [root] (current: 0 [root])
  |   Group: 0 [root] (current: 0 [root])
  |   ELF architecture: EM_X86_64 (current architecture: amd64)
```

I’m looking for advice on how to resolve this error and successfully utilize the plugin in my production environment.

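The file-permission cause named in the error output, and the `-sha256` value passed to `vault plugin register`, can both be checked against the binary on disk before Vault tries to launch it. The script below is an added example, not part of the original post or of the plugin's repository; the function names `plugin_sha256`, `loosely_writable` and `check_plugin` are hypothetical, and it covers only the executable-bit, digest and write-permission checks. The mode shown in the log, `-rwxrwxrwx`, would be reported by the write-permission check.

```shell
#!/bin/sh
# Added example: pre-flight checks for an external Vault plugin binary.
# All function names here are hypothetical, not from Vault or the plugin.

# Print the SHA-256 of file $1 as lowercase hex.
plugin_sha256() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Succeed if the ls mode string of $1 grants write to group or others.
loosely_writable() {
    case $(ls -ld -- "$1" | cut -c1-10) in
        ?????w????|????????w?) return 0 ;;
    esac
    return 1
}

# check_plugin PATH EXPECTED_SHA256
# Prints one finding per line; returns 0 only when there are none.
check_plugin() {
    path=$1; expected=$2; rc=0
    [ -f "$path" ] || { echo "MISSING: $path"; return 1; }
    # Listed cause: not executable by this process.
    [ -x "$path" ] || { echo "NOT_EXECUTABLE: $path"; rc=1; }
    # The on-disk digest must equal the -sha256 given at registration.
    actual=$(plugin_sha256 "$path")
    [ "$actual" = "$expected" ] || { echo "SHA256_MISMATCH: on-disk $actual"; rc=1; }
    # Hardening: the binary and its directory should be writable
    # only by their owner.
    for p in "$path" "$(dirname -- "$path")"; do
        if loosely_writable "$p"; then
            echo "WRITABLE_BY_NON_OWNER: $p"; rc=1
        fi
    done
    return "$rc"
}

# Usage: sh check_plugin.sh /etc/vault.d/plugins/boundary <registered sha256>
if [ "$#" -eq 2 ]; then
    check_plugin "$1" "$2"
fi
```

Run it as the same user the Vault server process runs as, since the executable-bit test is evaluated for the calling user.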