operator
operator
命令包含一组操作系统管理员管理 Vault 服务的子命令。大多数用户不会需要使用这些命令。
例子
初始化一个新的 Vault 集群:
$ vault operator init
Unseal Key 1: sP/4C/fwIDjJmHEC2bi/1Pa43uKhsUQMmiB31GRzFc0R
Unseal Key 2: kHkw2xTBelbDFIMEgEC8NVX7NDSAZ+rdgBJ/HuJwxOX+
Unseal Key 3: +1+1ZnkQDfJFHDZPRq0wjFxEuEEHxDDOQxa8JJ/AYWcb
Unseal Key 4: cewseNJTLovmFrgpyY+9Hi5OgJlJgGGCg7PZyiVdPwN0
Unseal Key 5: wyd7rMGWX5fi0k36X4e+C4myt5CoTmJsHJ0rdYT7BQcF
Initial Root Token: 6662bb4a-afd0-4b6b-faad-e237fb564568
# ...
强制 Vault 节点辞任集群领导者节点:
$ vault operator step-down
Success! Stepped down: https://127.0.0.1:8200
轮替 Vault 底层的加密密钥:
$ vault operator rotate
Success! Rotated key
Key Term 2
Install Time 01 Jan 07 12:30 UTC
可用子命令
Usage: vault operator <subcommand> [options] [args]
# ...
Subcommands:
generate-root Generates a new root token
init Initializes a server
key-status Provides information about the active encryption key
rekey Generates new unseal keys
rotate Rotates the underlying encryption key
seal Seals the Vault server
step-down Forces Vault to resign active duty
unseal Unseals the Vault server
每种子命令的详细使用方法,请阅读对应的章节。