Hi, I’m trying to set up an HA Vault (OSS) deployment using the raft storage backend, and in front of it there is a load balancer (HAProxy in this case). The Vault service on HAProxy is listening on port 443 using a dedicated virtual IP (vault-vip.example.com) while the “official” Vault FQDN used by clients (users, applications etc.) is
Vault service on every raft cluster node is listening on port 8200 (reachable only from other cluster nodes and LB).
Right now, I’m using leader_api_addr for raft storage backend, cluster_addr is reachable only from other cluster nodes).
Am I doing it right?
Supposing that I need to set up a new independent cluster just for test (different nodes, different virtual IP etc.), can I still use api_addr or can this create some kind of problems (locally I’m going to change /etc/hosts to let vault.example.com point to the new cluster virtual IP)?