Vault helm chart not working with HA enabled


I am using the vault helm chart and have HA mode enabled. I see the following error on the vault pods in my k8s cluster -
“A storage backend must be specified”.

This is the configuration that I am using:
" ha:
enabled: true
apiAddr: null
config: |
ui = true
listener “tcp” {
tls_disable = 1
address = “[::]:8200”
cluster_address = “[::]:8201”
storage “consul” {
path = “vault”
address = “HOST_IP:8500”

I have deployed consul using consul helm chart.
Not sure what am I missing here!


What is HOST_IP in your configuration? Typically, it’ll be your Consul agent, running alongside your Vault node; so, it’ll be the same IP address as your TCP listener. Then it’s that agent that communicates with your Consul servers providing the HA back-end storage.

Vault doesn’t know about your datacenter, or where the Consul servers are, or who’s their leader, etc.

HashiCorp has a great tutorial on setting this up:

Good luck!

Thanks jilj7.

I gave the HOST_IP as localhost since consul agent and vault will be running on the same node. I will go through the linked hashicorp tutorial and see if I am missing anything here.

1 Like

The issue is resolved. The problem was with my configuration.
I am using terraform to deploy helm charts. The ha config in values.yaml was accidentally being overwritten while setting seal “awskms” from my terraform code

1 Like