Is there a way to only enable KV store feature for consul?

We only use consul’s KV store to act as Vault’s storage backend, the workload for Vault is very limited (the number of secrets < 0.5k), so I set the memory.request and memory.limit to both 300Mi on Kubernetes deployment, this configuration works fine for most of the time, but after around 20-30 days running the Consul Pod got OOMKilled even if there’s no extra workloads to vault/consul.

We have a requirement to reduce the overall footprint, so I am asking to see if there is a way to only enable KV store feature and disable other features for consul? in order to reduce the memory usage, thanks!

If you’re only using Consul as the backend for Vault and have no intention to use it for other services have you thought about using the integrated Raft KV store for Vault in place of Consul?
I think that is the recommended workflow these days and would certainly be the least resource intensive since you would not have to deploy consul.

@kschoche Thanks for your reply!
As we developed this deployment: vault/consul a couple of years ago, consul was the recommended storage backend for vault then. If changing storage backend, the upgrade and data migration process might be a new problem.

So I prefer to stay on using Consul now, and seeking advice on if there’s a way to turn off the features other than KV store for Consul in order to reduce memory usage? thanks!

Hi @grantliu3!
There isn’t a way that I’m aware of to disable features within consul in the way you’re expecting. It is possible that, if you’re using an old version of consul, that there may be some memory leak which may have been fixed in a newer version that might help with the memory usage.
Should that not be the case I’m probably going to still say that the best way to reduce this usage would be to lean on integrated raft storage in vault.

Should you choose to explore that, there is a migration guide for Vault here:

Cheers

OK, I’m going to have a look to the details, thanks for your help!