FAQ

Vault Integrated Storage: Native Secrets Storage Out-of-Box

Published 7:00 AM UTC Apr 15, 2020

Learn about the new, simpler out-of-box option for Vault setup that involves using built-in Raft-algorithm-based storage rather than an external service.

Speakers

Transcript

Hi, I'm Dan McTeer. I'm a technology specialist here at HashiCorp. I wanted to talk to you today about one of the latest and greatest features in Vault, known as Integrated Storage.

To help conceptualize how Integrated Storage will work, we'll go first to how the current setup is built—where you have a few Vault hosts making up the Vault cluster, and then multiple Consul hosts making up your storage backend. These are attached together—eight hosts per cluster, essentially our base recommendation.

We’ve taken the Raft protocol that we use inside of Consul to manage its storage, and we built it into the Vault software. This allows you to have storage that works natively inside of the Vault service, and not have to run a second service to be able to run the Vault service.

This reduces complexity in deployment. It significantly reduces costs, especially for running the solution in the cloud. But it also eliminates a second point of failure for running the service, which is critical in ensuring that you have the best uptime possible for the Vault service.

To learn more about configuration and administration of Integrated Storage, go to learn.HashiCorp.com.

More resources like this one

  • 4/11/2024
  • FAQ

Introduction to HashiCorp Vault

Vault identity diagram
  • 12/28/2023
  • FAQ

Why should we use identity-based or "identity-first" security as we adopt cloud infrastructure?

  • 3/14/2023
  • Article

5 best practices for secrets management

  • 2/3/2023
  • Case Study

Automating Multi-Cloud, Multi-Region Vault for Teams and Landing Zones

View all resources