Hi,
I have Vault cluster with Consul backend running on k8s as a stateful set (without pvc).
I’m looking for a way to migrate to Vault raft without downtime.
As far as I know vault raft needs pvc, which I currently don’t have so I need to create new cluster with the same data and then forward the traffic to it, without any lost traffic and data.
How can I do it?
Thanks in advance,
Shai Halfon
Let me understand…
do you plan migrate to other vault with other backend different ?
If you migrate to other vault with consul backend, do you need only backup and restore backend consul.
- stop all secret creation process
- create second vault cluster
- backup consul backend in old cluster
- restore consul backend in new cluster
- test the new vault with some application
- change the vault addr reference for the other applications to new cluster.