#Move to the root directory cd root #Create directory vault mkdir /root/vault #Create directories data, plugins, bin under root/vault mkdir /root/vault/data mkdir /root/vault/plugins mkdir /root/vault/bin #Move to the bin folder created under root/vault/ cd /vault/bin #Update the PATH Variable export PATH=$PATH:/root/vault/bin #Check the Path Variable echo $PATH # Install wget yum install wget #Install Vault 1.8.2 version wget https://releases.hashicorp.com/vault/1.8.2/vault_1.8.2_linux_amd64.zip #Install unzip yum install unzip #Unzip the downloaded file unzip vault_1.8.2_linux_amd64.zip #Remove the downloaded file rm vault_1.8.2_linux_amd64.zip #Create a directory to store Oracle mkdir /opt/oracle #Move to the directory /opt/oracle cd /opt/oracle #Download Oracle instant client( instantclient-basic-linux.x64-12.2.0.1.0.zip) from the page https://www.oracle.com/in/database/technologies/instant-client/linux-x86-64-downloads.html #in the local system and copy the downloaded file to the container by using following commands outside the container #Get the container id of the Centos.1st field is the containerid docker ps #Copy the centos containerid to the folder /opt/oracle inside the centos container in the below command docker cp ~/downloads/instantclient-basic-linux.x64-12.2.0.1.0.zip containerid:/opt/oracle # Check the file is copied or not in the centos container ls #Unzip the copied file unzip instantclient-basic-linux.x64-12.2.0.1.0.zip #Remove the copied File rm instantclient-basic-linux.x64-12.2.0.1.0.zip # Install sudo yum install sudo #Execute the following commands: sudo sh -c "echo /opt/oracle/instantclient_12_2 > /etc/ld.so.conf.d/oracle-instantclient.conf" sudo ldconfig ln -s libclntsh.so.12.1 libclntsh.so ln -s libocci.so.12.1 libocci.so #Install libaio yum install libaio # Set the LD_LIBRARY_PATH export LD_LIBRARY_PATH=/opt/oracle/instantclient_12_2:$LD_LIBRARY_PATH #Check the LD_LIBRARY_PATH value echo $LD_LIBRARY_PATH #Update the PATH Variable export PATH=$PATH:/opt/oracle/instantclient_12_2 #Check the Path Variable Value echo $PATH #Set the ORACLE_HOME Variable export ORACLE_HOME=/opt/oracle/instantclient_12_2 #Check the Oracle Home Variable echo $ORACLE_HOME # Give full access to /opt/ recursively chmod -R 777 /opt/* #Downloaded the Oracle Plugin 0.4.2 (vault-plugin-database-oracle_0.4.2_linux_amd64.zip) from the following page https://releases.hashicorp.com/vault-plugin-database-oracle/0.4.2/ # Execute the following commands outside the container #Get the container id of the Centos.1st field is the containerid docker ps #Copy the centos containerid to the folder /root/vault/plugins inside the centos container by executing the below command docker cp ~/downloads/vault-plugin-database-oracle_0.4.2_linux_amd64.zip containerid:/root/vault/plugins # Check the file is copied or not in the centos container ls #Unzip the copied file unzip /root/vault/plugins/vault-plugin-database-oracle_0.4.2_linux_amd64.zip #Remove the copied File rm /root/vault/plugins/vault-plugin-database-oracle_0.4.2_linux_amd64.zip # Create a Directory to store vault Config file mkdir /root/vault/configs #Give full access to the root directory chmod -R 777 /root/* #Crete a vault config file and place the contents highlighted in Bold in the file and save the file Vi /root/vault/configs/vault-config.hcl listener "tcp" { address = "0.0.0.0:443" tls_disable = "true" } storage "file" { path = "/root/vault/data" } plugin_directory="/root/vault/plugins" api_addr = "http://127.0.0.1:443" disable_mlock = "true" ui = "true" # Run the Vault server by calling the nohup command nohup vault server -config=/root/vault/configs/vault-config.hcl & # Check the nohup.out file to check whether vault is running or not cat nohup.out # Install SHA256 yum install perl-Digest-SHA -y #Set the Vault Address ENV VARIABLES export VAULT_ADDR='http://127.0.0.1:443’ #Go to http://127.0.0.1:443/ui/vault/ and unseal vault and login using Root Token and enable Database Secrets Engine at the default path #Set the Vault Token Value as export VAULT_TOKEN=“” #Write the SHA256 Value of the oracle plugin to a Temp File using the following command shasum -a 256 vault-plugin-database-oracle > /tmp/oracle-plugin.sha256 #Get the first field value in the temp File. Fileds are separated by “tab” cat /tmp/oracle-plugin.sha256 # Register the Plugin to Vault vault write sys/plugins/catalog/database/vault-plugin-database-oracle sha256="d672c1d2156598852582beb81e2b73482e2ca7c5422f4c68106e3f416ad4ddc8" command="vault-plugin-database-oracle" #Create a Connection vault write database/config/oraconn \ plugin_name=vault-plugin-database-oracle \ allowed_roles="*" \ connection_url='{{username}}/{{password}}@host.docker.internal:1521/ORCLPDB1.localdomain' \ username=‘username’ \ password=‘passoword’