Skip to main content

Load the Files and Start the Containers

In a previous step, you defined the containers that VaultContainers should. You did this by defining them in the .sconfig file and then importing it into the HSM.

In this step, you will load the container images and application config files from an USB stick onto the HSM. Then, you will start and stop the containers.

warning

The container definitions in the .sconfig file that you have loaded reference images names (<image>) and config file names (<config>), as well as container names (<container id="database-1" name="database">).

In this section you must use the same names as in the .sconfig!

Load the files onto an USB stick

Download the VaultCode release files. These contain the Securosys-provided container images as .container files.

Copy the following files onto an USB stick:

  • All container images (.container). At least the database and VaultCode. Optionally, also the TSB.
  • The application configuration files (application-vault-code-hsm.yml).

Insert the USB stick into the Primus HSM or the Decanus terminal.

Alternatively, if you have configured WebDAV on your HSM, put them onto the WebDAV share. See Section 4.4.7 "Data Transfer with WebDAV Server" in the Primus User Guide for how to set up WebDAV.

Load the Container Images

Load the container images from the USB stick onto the HSM. Repeat this for both the database and the vault-code image.

Naming Restrictions

The following characters are allowed in image names and container names: lowercase letters, numbers, and . _ -

SO >>> hsm_sec_container_image_load

Enter name!
 
SO >>> database

Please choose a file by entering its number from the list:
1. database.container
2. vault-code.container
 
SO >>> 1
info

The image name that you are asked to enter must match the <image> field of the .sconfig file.
For example: <image>database</image>

Load the Application Configs

Load the application config file for the VaultCode container.

SO >>> hsm_sec_container_yml_load

Enter name!

SO >>> application-vault-code-hsm.yml

Please choose a file by entering its number from the list:
1. application-tsb-automated-approval.yml
2. application-tsb-hsm.yml
3. application-vault-code-hsm.yml

SO >>> 3
info

The file name that you are asked to enter must match the <config> field of the .sconfig file.
For example: <config>application-vault-code-hsm.yml</config>

Start the Containers

Finally, start the containers. Repeat this for both the database and the vault-code containers.

SO >>> hsm_sec_container_start

Enter name!

SO >>> database

Container started successfully!
info

The file name that you are asked to enter must match the <container name=""> field of the .sconfig file.
For example: <container name="database">

Troubleshooting

To list details about the containers, images, and application configs, run diag containers:

>>> diag containers

Containers
vault-code, status=running, image=vault-code, port=8084, auto_start=enabled, yaml=application-vault-codehsm.yml, last_started=2025-08-13T11:26:24.651040101Z, last_finished=?
database, status=running, image=bitnami-postgresql, auto_start=enabled, yaml=MISSING, last_started=2025-08-13T11:26:24.651040101Z, last_finished=0001-01-01T00:00:00Z
tsb, status=running, image=tsb, port=8081, auto_start=enabled, yaml=application-tsb-automated-approval.yml, last_started=2025-08-13T11:26:24.651040101Z, last_finished=?

Images
tsb
vault-code
database

YAMLs
application-tsb-automated-approval.yml
application-tsb-hsm.yml
application-vault-code-hsm.yml

To list all VaultContainers-related options, run help8:

>>> help8

Container platform commands (Active SO role needed):

Container commands:
  hsm_sec_container_start           - Start a container
  hsm_sec_container_stop            - Stop a container

Container image commands:
  hsm_sec_container_image_load      - Load a container image
  hsm_sec_container_image_update    - Update a loaded container image
  hsm_sec_container_image_delete    - Delete a loaded container image

Container YAML file commands:
  hsm_sec_container_yml_load       - Load a .yml file
  hsm_sec_container_yml_update     - Update a loaded .yml file
  hsm_sec_container_yml_delete     - Delete a loaded .yml file
Get started withCloudHSM for free.
Other questions?Ask Sales.
Last updated on
Feedback
Need help?