search

coreos / vault-operator

Run and manage Vault on Kubernetes simply and securely
https://coreos.com/blog/introducing-vault-operator-project
Apache License 2.0
758 stars 110 forks source link

vault replication across regions #330

Open raoofm opened 6 years ago

raoofm commented 6 years ago

It would be great to have a way to specify a secondary vault cluster running in a different region(DC) via vault-operator. Similar to what vault has as a secondary performace/DR replication.

Right now as there is no way to specify an existing etcd cluster #303 to be used by vault-operator, it is not possible to solve the DR problem by using etcd make-mirror tool.

So if #303 is solved then replication for DR will be possible but still some work is needed to be done in vault-operator to enable performance or keys only mirroring for below depoyment config 1 active writable n active readable across regions n standby across regions

lcgkm commented 6 years ago 
Using replication requires a storage backend that supports transactional updates, such as Consul.

https://www.vaultproject.io/docs/internals/replication.html