Disaster recovery best practices for vault + consul

bruno · April 6, 2018, 11:01pm

Hi there,

First of all I wanted to say “Thank you” to Gruntwork.io for the awesome resources that are the modules and examples. It’s saved me a lot of work

As I go through the process of building up my vault + consul clusters, I am now more in the realm of “how do I setup a resilient backup and disaster recovery process” as I will be replacing some ageing HSMs with Vault and I want to have a good level of assurance that all the data that Vault needs is backed up regularly and I have a known process to recover in case of a, say, major outage of our consul cluster.

I know of consul snapshot save but … what I am wondering is … is that the best I can do? Is there a solution that’s already been implemented that’s battle tested ?

Thanks in advance,
/B

jim · April 6, 2018, 11:26pm

Glad to hear you found the modules useful

consul snapshot save is probably the best right now, or even consul snapshot agent if you have Consul Enterprise. There’s also a similar consul-snapshot open source project.

We’ve been discussing with a potential customer adding first-class support for backups, replication, and other features, but I’m not sure if/when that project will happen.

Topic		Replies	Views
Relation with hashicorp, specifically for registry.terraform.io Gruntwork Customers	11	1206	December 14, 2017
Private TLS CA and cert: module-security vs terraform-aws-vault? Gruntwork Customers guidance	1	686	April 10, 2018
Gruntwork impressions of re:Invent? Gruntwork Customers aws	2	684	December 4, 2017
Using Data with Modules sourced from Registry/Github Gruntwork Customers modules	3	1786	March 7, 2019
Infrastructure-modules-acme update for tf 0.12? Gruntwork Customers modules	1	692	July 18, 2019

Disaster recovery best practices for vault + consul

Related topics