HashiCorp Vault standalone deployment

Evaluating HashiCorp Vault deployment on K8s for following 2 use cases…

  1. HA mode
    For the cases where K8s with multiple node is the deployment platform, planning to use Raft as storage backend… And for B&R will rely on Raft snapshot as recommended in the documentation.
  2. Non-HA / Standalone mode
  • For the cases where K8s with single node is the deployment platform, is it good idea to use Raft as storage backend, so that can minimize multiple storage backend verifications, also we can leverage Raft snapshot feature for B&R…
    Raft seems to support single node deployment as well (eventhough comes with note on high risk of data loss during failure scenarios.): Raft integrated storage | Vault | HashiCorp Developer

  • If not, with file backend, can we leverage CSI volume snapshot to achieve atomic snapshot?