Hi!

I am reading the documentation about Vault upgrade process and see this disclaimer:

" Important: Always back up your data before upgrading! Vault does not make backward-compatibility guarantees for its data store. Simply replacing the newly-installed Vault binary with the previous version will not cleanly downgrade Vault, as upgrades may perform changes to the underlying data structure that make the data incompatible with a downgrade. If you need to roll back to a previous version of Vault, you should roll back your data store as well."

Am I right that Vault does not provide built-in tools for performing a downgrade? E.g. a tool which rolls back breaking changes from a newer version.

Could you please describe somewhere in the documentation step by step, how the downgrade process should be performed? Could I perform a downgrade without a downtime?

Thanks in advance!

As it suggests you would need to recover from the backup you took before the upgrade.

You would have whatever downtime that was needed to perform that recovery, as well as losing any changes made from that point.

In general you don’t want to be in a situation where a downgrade would be considered necessary.

So it is not possible to perform downgrade without a downtime, right?

Sadly, that is correct.

It does make upgrading a production cluster much scarier.

Could we somehow mention it explicitly in the documentation?