Upgrading from Vault 0.7.2 more work then standing up new cluster with latest version?

Inherited a 0.7.2 cluster that is only handling auth token issue/renew for a k8s cluster using consul-template (v0.19.4) and Consul (v0.8.3).

Would it be more work upgrading from 0.7.2 to the latest Vault or just standup a new Vault cluster and slowly migrate the k8s nodes to point to the new Vault?

1 Like

hi @dingobaby

This is an excellent question. It’s also a question that has no right or wrong answer. I would normally advise people to look at the change logs and under stand the changes, especially breaking changes between your current version and all versions up to your target version . You can find the change logs here: https://github.com/hashicorp/vault/blob/master/CHANGELOG.md

With this information, you can make an informed decision as to whether you want to to follow an upgrade path, which may include stepping up in increments, or migrating to a newly built Vault cluster. The decision is really about risk of loosing data. The change log should tell you about any major schema changes so you will be able to decide if the risk is too much for you, or acceptable.

Your version is very old and there have been several releases since then. I also note that your use case means the migration to a new Vault shouldn’t cause too many issues and could be the least risky approach. I go back to my first point, there is no right or wrong answer to this question