Disaster recovery best practices for vault + consul



Hi there,

First of all I wanted to say “Thank you” to Gruntwork.io for the awesome resources that are the modules and examples. It’s saved me a lot of work :wink:

As I go through the process of building up my vault + consul clusters, I am now more in the realm of “how do I setup a resilient backup and disaster recovery process” as I will be replacing some ageing HSMs with Vault and I want to have a good level of assurance that all the data that Vault needs is backed up regularly and I have a known process to recover in case of a, say, major outage of our consul cluster.

I know of consul snapshot save but … what I am wondering is … is that the best I can do? Is there a solution that’s already been implemented that’s battle tested ? :slight_smile:

Thanks in advance,


Glad to hear you found the modules useful :slight_smile:

consul snapshot save is probably the best right now, or even consul snapshot agent if you have Consul Enterprise. There’s also a similar consul-snapshot open source project.

We’ve been discussing with a potential customer adding first-class support for backups, replication, and other features, but I’m not sure if/when that project will happen.