I’m currently working on a backup/restore feature on our app which uses:
- postgresql for data
- vault for managing postgresql users credentials, which uses
vaultuserfor connecting to postgresql
- vault-agent for giving these credentials to our app pods
I’m able to do a restore by using
vault operator raft snapshot restore and restoring the password for
vaultuser. After this, the vault-agent in the app pods seem to take a long time to take this state change into account. For a few minutes it stays will older credentials pre-restore, then new credentials kick in. After that, my app works perfectly with the restored state.
Am I missing a step? Is there a way to tell the vault-agents to request new credentials faster?