Trying to understand frontend in HA models

I’m building a Vault deployment using this recommended 2 AZ OSS model in the tutorials.

I’m new at this, but it doesn’t seem possible to deploy a UI frontend without a LB to redirect users to a different Vault server in the event of a failure of the primary. Is this correct? I read through the load balancer section in the tutorials which I think I understand, except for how to configure the LB to know which Vault server is the primary. Are there any docs or recommendations on how to set up a LB specifically for access to the UI? I assume you’d need to turn on the UI flag on all servers, not just the primary.

If you would use Consul for service registration and dns resolver, you could point to active.vault.service.consul or standby.vault.service.consul. So Consul would be you load balancer.

1 Like