cloudfoundry-community / safe-boshrelease

A simplified HA Vault intended to be used with `safe`
MIT License
8 stars 9 forks source link

Vault may fail to start up after upgrading to release 0.3.2 #43

Open krutten opened 2 years ago

krutten commented 2 years ago

When upgrading from safe-boshrelease before 0.3.2 to 0.3.2 the Consul is bumped from Consul 0.7.0 to 1.11.3

This causes the Raft version to upgarde from 1 to 3 (see https://www.consul.io/docs/upgrading/upgrade-specific#raft-protocol-version-compatibility)

It is a known issue that a single node Consul may fail to elect a leader after the upgrade, preventing Consul and Vault from starting.

A manual fix is documented at https://learn.hashicorp.com/tutorials/consul/recovery-outage#failure-of-a-single-server-cluster-after-upgrading-raft-protocol and requires making a peers.json file in the /var/vcap/store/vault/consul/raft folder.