search

Argelbargel / vault-raft-snapshot-agent

An agent which creates periodic snapshots of Vault's integrated raft storage and stores them locally or in remote storages as backup in case of system failure or user errors.
MIT License
9 stars 3 forks source link

Redirect requests to leader #32

Open vterdunov opened 3 months ago

vterdunov commented 3 months ago

Hi. The agent vault.url should point to the current leader. It's inconvenient if a vault cluster doesn't have a URL that always points to the leader. The second option - agent should to be installed on all vault hosts.

I guess it will be more convenient to redirect all requests to the vault leader automatically. Or add new configuration vault.urls: [] which is list of all vault nodes.

Argelbargel commented 3 months ago

Hi @vterdunov,

sorry for the late reply, i somehow missed the notification for this issue :-(

I think, we'd have to do both as in your scenario we cannot know for sure wheter the configured single vault.url is the the leader when the agent starts (or accessible at all) and we have to switch to the leader's address when it changes from one node to an other - and simply trying all nodes until we find the leader does not seem right (or elegant9 either.

I'll look into it. Is this issue a pressing requirement for you to be able to use the agent in your setup or more nice to have?

vterdunov commented 2 months ago

Hey. It's nice to have. I guess you can use this API call to retrieve the leader address. https://developer.hashicorp.com/vault/api-docs/system/leader

Argelbargel commented 4 days ago

Hi @vterdunov,

i've just released v0.10.18 which adds automatic leader-detection to the agent. Please check it out. I'd appreciate your feedback! You might also try out release v0.11.0 but you'll have to change your configuration then as i've removed vault.url there to keep the configuration more straight forward

Kind regards