Start Vault:
vault server -dev
Enable JWT auth mechanism:
----------------------------------------------------------------------------------------------------- | |
Read Test | |
fio --name=randread --ioengine=libaio --iodepth=16 --rw=randread --bs=4k --direct=0 --size=512M --numjobs=4 --runtime=240 --group_reporting | |
----------------------------------------------------------------------------------------------------- | |
writes a total 2GB files [4 jobs x 512 MB = 2GB] running 4 processes at a time: | |
fio --name=randwrite --ioengine=libaio --iodepth=1 --rw=randwrite --bs=4k --direct=0 --size=512M --numjobs=4 --runtime=240 --group_reporting | |
----------------------------------------------------------------------------------------------------- | |
Read Write Performance Test | |
fio --randrepeat=1 --ioengine=libaio --direct=1 --gtod_reduce=1 --name=test --filename=random_read_write.fio --bs=4k --iodepth=64 --size=4G --readwrite=randrw --rwmixread=75 |
#!/bin/bash | |
set -ueo pipefail | |
TEST_DIR=$1 | |
echo "benchmark disk mounted on" $TEST_DIR | |
echo "--> write throughput" | |
sudo fio --name=disk_benchmark --directory=$TEST_DIR --numjobs=8 \ | |
--size=10G --time_based --runtime=60s --ramp_time=2s --ioengine=libaio \ |
$ terraform init | |
$ terraform plan | |
$ terraform apply --auto-approve | |
$ terraform output |
terraform { | |
required_providers { | |
vault = { | |
source = "hashicorp/vault" | |
version = "3.11.0" | |
} | |
} | |
} | |
provider "vault" { |
data "aws_iam_policy_document" "default" { | |
version = "2012-10-17" | |
statement { | |
sid = "FederatedTrustVaultOIDC" | |
effect = "Allow" | |
actions = ["sts:AssumeRoleWithWebIdentity", ] | |
principals { | |
type = "Federated" |
locals { | |
aad_group = var.aad_group | |
application = var.application_name | |
mount_accessor = var.mount_accessor | |
} | |
data "azuread_group" "default" { | |
display_name = local.aad_group | |
} |
#!/bin/sh | |
for x in 10 20 30 | |
do | |
for y in {1..5} | |
do | |
sudo ifconfig lo0 alias 127.0.${x}.${y} | |
done | |
done |
variable "github_jwt_issuer_url" { | |
description = "Issuer URL for GitHub; used in JWT/OIDC auth method configuration." | |
type = string | |
default = "https://token.actions.githubusercontent.com" | |
} | |
variable "github_org_name" { | |
type = string | |
default = "some-github-org" | |
} |
terraform { | |
required_providers { | |
hcp = { | |
source = "hashicorp/hcp" | |
} | |
} | |
} | |
provider "hcp" {} |