We use Open Source Vault in production with the K/V Store V1. I want to upgrade it to V2.
Since there is going to be a change in the path I’d like to know what the best practices are and if anyone has made this experience and can share their lessons learned.
It sounds like you’d be upgrading to the v2 secrets engine as described here, and then moving the secrets as described here. I haven’t actually done such a migration with prod data myself, but if I were to do it, I’d probably make a back-up/snapshot of the database data, then try both commands in staging just to make sure I know what to expect. From there, if/when I felt comfortable, I’d do the same in production.
Hopefully there will be others who can also weigh in more directly from an experiential point of view.
it also would require refactoring/reengineering efforts of integrated solutions, if the KV schema in Vault has been communicated as an agreement to your clients.