brikis98
commented
6 years ago Each Vault server is running a local Consul Agent in client mode. The Consul Agent is what talks to the Consul Servers. So the full flow is:
Vault -> Local Consul Agent (Client) -> Consul Server
prys
If I understand correctly, this TF script deploys Consul agents in server mode, under a tier of Consul agents running as clients. The architecture shown in https://github.com/hashicorp/terraform-aws-vault implies that Vault talks directly to the Consul server agents - i.e. no Consul client agents. Is that correct?
Just wondering what a Prod architecture would like like, i.e. Vault - Consul Client - Consul Server or Vault - Consul Server?
Much appreciated in advance