DEVHIDE
Login Or Sign up

How to fix "vault connection failed due to proxy issue" in spring-boot vault integration?

748 Views Asked by At

I want to connect to vault using a proxy. Here in my case, I only require proxy for vault connection, how can we specify the same?

I tried with below configuration:

spring:
  application:
    name: qualifier-service
  profiles:
    active: ${spring_profiles_active}
  cloud:
    vault:
      enabled: true
      uri: ${vault_uri}
      port: 443
      scheme: https
      proxy:
        https:
          host: proxyHost
          port: 123
      namespace: ${vault_namespace}
      authentication: TOKEN
      token: ${spring_cloud_config_token}

      generic:
        enabled: true
        backend: kv
        kvVersion: 2
        profile-separator: '/'
        default-context: qualifier-service
        application-name: qualifier-service

I am getting the below error:

Vault location [kv/qualifier-service] not resolvable: Cannot login using org.springframework.web.client.ResourceAccessException: I/O error on POST request for "https://vault.url:443/v1/auth/aws/login": Connect to vault.url:443   failed: connect timed out;

How can we pass a proxy specifically for vault. My service is connecting a cloud config server and other external services also but they don't required a proxy.

Any help on this is deeply appreciated.

spring-boot proxy cloud hashicorp-vault
Original Q&A
1

There are 1 best solutions below

0
On

From the documentation:

You can configure the resttemplate: https://docs.spring.io/spring-cloud-vault/docs/current/reference/html/config-data.html#vault.configdata.customization

import org.apache.http.HttpHost;
import org.apache.http.impl.client.HttpClients;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.vault.config.AbstractVaultConfiguration.ClientFactoryWrapper;

@SpringBootApplication
public class VaultTestApplication {

    public static void main(String[] args) {
        SpringApplication application = new SpringApplication(VaultTestApplication.class);
        application.addBootstrapRegistryInitializer(registry -> registry.register(
                        ClientFactoryWrapper.class,
                        ctx -> new ClientFactoryWrapper(
                                new HttpComponentsClientHttpRequestFactory(
                                        HttpClients.custom()
                                                .setProxy(HttpHost.create("localhost:8080"))
                                                .build()
                                )
                        )
                )
        );
        application.run(args);
    }
}

Alternatively:

If passing all traffic through the proxy is fine, setting the java properties

-Dhttp.proxyHost=...
-Dhttp.proxyPort=...
-Dhttps.proxyHost=...
-Dhttps.proxyPort=...

will work if you have httpcomponents in your project (Vault will pick it up) e.g.

<dependency>
  <groupId>org.apache.httpcomponents</groupId>
  <artifactId>httpclient</artifactId>
</dependency>

Related Questions in SPRING-BOOT

Related Questions in PROXY

Related Questions in CLOUD

Related Questions in HASHICORP-VAULT

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.