Hi, we have installed vault on a on-premise server with self-managed setup. In the configuration file storage stanza parameters:
storage "file" {
path = "/mnt/vault/data"
}
Questions:
_ Integrated storage (raft) backend applies only for a vault cluster architecture? or is it possible to be configured on standalone?
_ Backup and restore vault data procedures for Vault standalone on-premise?
Thank you,
xxxx
raft makes no sense when you run in standalone node, because raft is a consensus protocol , and to do make this you need a minimal of 3 nodes.
here a doc about raft.
About backup process, if you don’t had raft, you can simply make backup of entire data folder. (i’m not tested, but makes sense for me).
1 Like
As Clayton mentioned, raft is generally used for multinode clusters. Using file if you are only running a single server should be sufficent, but I would consider some external storage such as S3. You can see all the supported storage backends at storage - Configuration | Vault | HashiCorp Developer but would also suggest considering a multi-node cluster for HA, or HCP Vault Dedicated or HCP Vault Secrets depending on your use case(s).
For backup procedures, I don’t think copying the data directory on its own will work as the data is encrypted by your seal mechanism. Check out Standard procedures | Vault | HashiCorp Developer
2 Likes
For backup reason, maybe using single instance of consul as backend is a good idea, because consul backup procedure don’t need raft.
So, you standalone instance needs a vault with a single consul standalone as backend.
1 Like