Vault

Channel Revision Published Runs on
latest/edge 383 23 Aug 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 367 25 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 364 23 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 363 23 Jul 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 336 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 335 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 334 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 333 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 332 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 331 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 330 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 329 20 Jun 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 220 20 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 216 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 214 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 213 19 Jan 2024
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 109 18 Apr 2023
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
latest/edge 79 02 Aug 2022
Ubuntu 24.04 Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.10 Ubuntu 22.04 Ubuntu 20.04
1.16/stable 387 12 Sep 2024
Ubuntu 22.04
1.16/candidate 387 12 Sep 2024
Ubuntu 22.04
1.16/beta 387 12 Sep 2024
Ubuntu 22.04
1.16/edge 393 Today
Ubuntu 22.04
1.15/stable 357 24 Jul 2024
Ubuntu 22.04
1.15/candidate 357 24 Jul 2024
Ubuntu 22.04
1.15/beta 357 24 Jul 2024
Ubuntu 22.04
1.15/edge 376 31 Jul 2024
Ubuntu 22.04
1.8/stable 372 26 Jul 2024
Ubuntu 22.04
1.8/edge 164 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 162 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 161 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 159 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 157 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 156 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 155 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 154 09 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 140 07 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 138 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 135 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.8/edge 131 04 Aug 2023
Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04
1.7/stable 371 26 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
1.6/stable 369 26 Jul 2024
Ubuntu 20.04 Ubuntu 18.04
1.5/stable 370 26 Jul 2024
Ubuntu 20.04 Ubuntu 18.04
juju deploy vault --channel 1.15/beta
Show information

Platform:

Ubuntu
24.04 23.10 23.04 22.10 22.04 20.04 18.04

Scale

The Vault charm uses the raft backend to scale. This guide walks you through scaling Vault.

Pre-requisites:

  • Vault is initialised and unseal
  • The Vault charm is authorised

1. Validate that Vault is an active state

Run juju status:

Model  Controller           Cloud/Region         Version  SLA          Timestamp
demo   localhost-localhost  localhost/localhost  3.4.0    unsupported  12:11:19-04:00

App    Version  Status  Scale  Charm  Channel    Rev  Exposed  Message
vault           active      1  vault  1.15/beta  257  no       

Unit      Workload  Agent  Machine  Public address  Ports  Message
vault/0*  active    idle   0        10.191.126.116         

Machine  State    Address         Inst id        Base          AZ  Message
0        started  10.191.126.116  juju-b8368f-0  ubuntu@22.04      Running

2. Scale Vault to 3 units

Add 2 more units:

juju add-unit vault -n 2

The new units will be sealed:

Model  Controller           Cloud/Region         Version  SLA          Timestamp
demo   localhost-localhost  localhost/localhost  3.4.0    unsupported  12:19:14-04:00

App    Version  Status   Scale  Charm  Channel    Rev  Exposed  Message
vault           blocked      3  vault  1.15/beta  257  no       Waiting for Vault to be unsealed

Unit      Workload  Agent  Machine  Public address  Ports  Message
vault/0*  active    idle   0        10.191.126.116         
vault/1   blocked   idle   1        10.191.126.151         Waiting for Vault to be unsealed
vault/2   blocked   idle   2        10.191.126.90          Waiting for Vault to be unsealed

Machine  State    Address         Inst id        Base          AZ  Message
0        started  10.191.126.116  juju-b8368f-0  ubuntu@22.04      Running
1        started  10.191.126.151  juju-b8368f-1  ubuntu@22.04      Running
2        started  10.191.126.90   juju-b8368f-2  ubuntu@22.04      Running

Set the VAULT_ADDR variable to the vault/1 unit:

export VAULT_ADDR=https://$(juju status vault/1 --format=yaml | awk '/public-address/ { print $2 }'):8200; echo $VAULT_ADDR

Unseal the the vault/1 unit using the same unseal keys as received during the initialization of the Vault leader:

vault operator unseal EJoB62t286mjUpSQYZg3mOla3lz/bbElVL5OLnj+rpE=

And complete the same operations for the vault/2 unit:

export VAULT_ADDR=https://$(juju status vault/2 --format=yaml | awk '/public-address/ { print $2 }'):8200; echo $VAULT_ADDR
vault operator unseal EJoB62t286mjUpSQYZg3mOla3lz/bbElVL5OLnj+rpE=

3. Validate that all units are part of the cluster

All units should go to the Active/Idle Juju status:

$ juju status
Model  Controller           Cloud/Region         Version  SLA          Timestamp
demo   localhost-localhost  localhost/localhost  3.4.0    unsupported  12:24:32-04:00

App    Version  Status  Scale  Charm  Channel    Rev  Exposed  Message
vault           active      3  vault  1.15/beta  257  no       

Unit      Workload  Agent  Machine  Public address  Ports  Message
vault/0*  active    idle   0        10.191.126.116         
vault/1   active    idle   1        10.191.126.151         
vault/2   active    idle   2        10.191.126.90          

Machine  State    Address         Inst id        Base          AZ  Message
0        started  10.191.126.116  juju-b8368f-0  ubuntu@22.04      Running
1        started  10.191.126.151  juju-b8368f-1  ubuntu@22.04      Running
2        started  10.191.126.90   juju-b8368f-2  ubuntu@22.04      Running

And they should all be part of the raft cluster:

$ vault operator raft list-peers
Node            Address                State       Voter
----            -------                -----       -----
demo-vault/0    10.191.126.116:8201    leader      true
demo-vault/1    10.191.126.151:8201    follower    true
demo-vault/2    10.191.126.90:8201     follower    true

Help improve this document in the forum (guidelines). Last updated 7 months ago.