Vault Integrated Storage: Native Secrets Storage Out-of-Box
Apr 15, 2020
Learn about the new, simpler out-of-box option for Vault setup that involves using built-in Raft-algorithm-based storage rather than an external service.
- Dan McTeerTechnical Specialist, HashiCorp
To help conceptualize how Integrated Storage will work, we'll go first to how the current setup is built—where you have a few Vault hosts making up the Vault cluster, and then multiple Consul hosts making up your storage backend. These are attached together—eight hosts per cluster, essentially our base recommendation.
We’ve taken the Raft protocol that we use inside of Consul to manage its storage, and we built it into the Vault software. This allows you to have storage that works natively inside of the Vault service, and not have to run a second service to be able to run the Vault service.
This reduces complexity in deployment. It significantly reduces costs, especially for running the solution in the cloud. But it also eliminates a second point of failure for running the service, which is critical in ensuring that you have the best uptime possible for the Vault service.
To learn more about configuration and administration of Integrated Storage, go to learn.HashiCorp.com.