Open vterdunov opened 3 months ago
Hi @vterdunov,
sorry for the late reply, i somehow missed the notification for this issue :-(
I think, we'd have to do both as in your scenario we cannot know for sure wheter the configured single vault.url is the the leader when the agent starts (or accessible at all) and we have to switch to the leader's address when it changes from one node to an other - and simply trying all nodes until we find the leader does not seem right (or elegant9 either.
I'll look into it. Is this issue a pressing requirement for you to be able to use the agent in your setup or more nice to have?
Hey. It's nice to have. I guess you can use this API call to retrieve the leader address. https://developer.hashicorp.com/vault/api-docs/system/leader
Hi @vterdunov,
i've just released v0.10.18 which adds automatic leader-detection to the agent. Please check it out. I'd appreciate your feedback!
You might also try out release v0.11.0 but you'll have to change your configuration then as i've removed vault.url
there to keep the configuration more straight forward
Kind regards
Hi. The agent
vault.url
should point to the current leader. It's inconvenient if a vault cluster doesn't have a URL that always points to the leader. The second option - agent should to be installed on all vault hosts.I guess it will be more convenient to redirect all requests to the vault leader automatically. Or add new configuration
vault.urls: []
which is list of all vault nodes.