While setting up community edition (i.e., just one node), I noticed a warning message that is getting logged every 5 minutes:
core.raft: skipping new raft TLS config creation, keys are pending
After poking around a bit, this appears to be related to synchronizing backend key rotations when there is more than one node (i.e., enterprise edition). It seems like when there is only one node vault thinks that the last (original?) key rotation is never cleared.
Am I reading this correctly, and if so is there are way to disable this log-filling warning message?
If you are using raft for your backed storage you should have a cluster of 3 or 5 servers.
While you can run a single Vault server if you use other backend storage options, even then it would be recommended to run multiple to maintain high availability.
While there are additional features available with Vault Enterprise (for example performance replicas) there is no requirement for a paid version for basic HA.
Just want to add here that OSS Vault will run as a multi-node cluster (and should, as Stuart mentioned), that is not limited to enterprise edition.
Thanks Stuart and Mike for the responses. I will spin up another node and see if the warnings stop.
Welcome. Just make sure you’re following the reference architecture that Stuart mentioned “should have a cluster of 3 or 5 servers”
You can’t get quorum with 2.