hashicorp / terraform-google-vault

A Terraform Module for how to run Vault on Google Cloud using Terraform and Packer
Apache License 2.0

Unable to run vault 0.10.0 in a cluster #14

Closed dalekurt closed 6 years ago

dalekurt commented 6 years ago

I tried to test the update of Vault 0.10.0 within the Terraform deployment, having built the GCP instance image with Packer, updating Consul (v 1.0.7) and Vault (v 0.10.0). Vault would not start and a tail of the log gave the following:

tail /opt/vault/log/vault-stdout.log

Address "https://10.128.0.7:8201" used for both API and cluster addresses
Address "https://10.128.0.7:8201" used for both API and cluster addresses
Address "https://10.128.0.7:8201" used for both API and cluster addresses
Address "https://10.128.0.7:8201" used for both API and cluster addresses
Address "https://10.128.0.7:8201" used for both API and cluster addresses

lawliet89 commented 6 years ago

This is related to https://github.com/hashicorp/terraform-aws-vault/pull/61 and should be fixable with a similar fix.

josh-padnick commented 6 years ago

It seems that we're still waiting on confirmation in https://github.com/hashicorp/terraform-aws-vault/pull/61 that the changes reflect the official docs. From a quick browse of Vault docs, I actually don't see those changes.

In the meantime, since this seems to be a legitimate issue, PRs welcome!

jefferai commented 6 years ago

@josh-padnick The changes in terraform-aws-vault are official. I'm not sure what you are referring to in terms of browsing the Vault docs, but if you have the same behavior (cluster port being used for both api_addr and cluster_addr) it is incorrect.

josh-padnick commented 6 years ago

Oh, I see. Under High Availability Parameters, you now explicitly list api_addr and cluster_addr. It wasn't obvious to me that those are top-level config params that only apply when an HA storage backend is used. Thanks for clarifying.

In any case, the directive here remains: A PR to fix this issue would be great!

madmod commented 6 years ago

@josh-padnick I have implemented this fix in PR #17.
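
Added example (not part of the thread, PR #17, or the module's own scripts): a pre-start check that rejects a Vault config whose `api_addr` and `cluster_addr` are identical, the condition shown in the log above. The function names, the sample configs, and the use of 8200 as the API port (Vault's default) are assumptions; the `sed` match is line-based and does not parse HCL fully.

```shell
#!/bin/sh
# Added example: pre-start check for the misconfiguration reported in this issue.
# Function names and sample files are hypothetical, not taken from the module.

# Print the value of the first `key = "value"` line for key $1 in HCL file $2.
hcl_value() {
  sed -n -E "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"([^\"]*)\".*/\1/p" "$2" | head -n 1
}

# Exit status: 0 = addresses differ, 1 = identical, 2 = one is not set explicitly.
check_vault_addrs() {
  cva_api="$(hcl_value api_addr "$1")"
  cva_cluster="$(hcl_value cluster_addr "$1")"
  if [ -z "$cva_api" ] || [ -z "$cva_cluster" ]; then
    echo "$1: api_addr or cluster_addr is not set explicitly" >&2
    return 2
  fi
  if [ "$cva_api" = "$cva_cluster" ]; then
    echo "$1: \"$cva_api\" used for both api_addr and cluster_addr" >&2
    return 1
  fi
  return 0
}

# Write a constructed HA config: $1 = file, $2 = api_addr, $3 = cluster_addr.
write_sample() {
  cat > "$1" <<EOF
storage "consul" {
  address = "127.0.0.1:8500"
  path    = "vault/"
}
api_addr     = "$2"
cluster_addr = "$3"
EOF
}

# Demo on constructed configs; 8200 is assumed as the API port (Vault's default).
demo_dir="$(mktemp -d)"
write_sample "$demo_dir/bad.hcl"  "https://10.128.0.7:8201" "https://10.128.0.7:8201"
write_sample "$demo_dir/good.hcl" "https://10.128.0.7:8200" "https://10.128.0.7:8201"
for cfg in good.hcl bad.hcl; do
  if check_vault_addrs "$demo_dir/$cfg"; then
    echo "$cfg: ok"
  else
    echo "$cfg: rejected"
  fi
done
rm -rf "$demo_dir"
```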