mirror of
https://github.com/hashicorp/vault.git
synced 2026-04-02 15:47:03 -04:00
c0bbeba5ad
Vault will now register itself with Consul. The active node can be found using `active.vault.service.consul`. All standby vaults are available via `standby.vault.service.consul`. All unsealed vaults are considered healthy and available via `vault.service.consul`. Change in status and registration is event driven and should happen at the speed of a write to Consul (~network RTT + ~1x fsync(2)). Healthy/active: ``` curl -X GET 'http://127.0.0.1:8500/v1/health/service/vault?pretty' && echo; [ { "Node": { "Node": "vm1", "Address": "127.0.0.1", "TaggedAddresses": { "wan": "127.0.0.1" }, "CreateIndex": 3, "ModifyIndex": 20 }, "Service": { "ID": "vault:127.0.0.1:8200", "Service": "vault", "Tags": [ "active" ], "Address": "127.0.0.1", "Port": 8200, "EnableTagOverride": false, "CreateIndex": 17, "ModifyIndex": 20 }, "Checks": [ { "Node": "vm1", "CheckID": "serfHealth", "Name": "Serf Health Status", "Status": "passing", "Notes": "", "Output": "Agent alive and reachable", "ServiceID": "", "ServiceName": "", "CreateIndex": 3, "ModifyIndex": 3 }, { "Node": "vm1", "CheckID": "vault-sealed-check", "Name": "Vault Sealed Status", "Status": "passing", "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server", "Output": "", "ServiceID": "vault:127.0.0.1:8200", "ServiceName": "vault", "CreateIndex": 19, "ModifyIndex": 19 } ] } ] ``` Healthy/standby: ``` [snip] "Service": { "ID": "vault:127.0.0.2:8200", "Service": "vault", "Tags": [ "standby" ], "Address": "127.0.0.2", "Port": 8200, "EnableTagOverride": false, "CreateIndex": 17, "ModifyIndex": 20 }, "Checks": [ { "Node": "vm2", "CheckID": "serfHealth", "Name": "Serf Health Status", "Status": "passing", "Notes": "", "Output": "Agent alive and reachable", "ServiceID": "", "ServiceName": "", "CreateIndex": 3, "ModifyIndex": 3 }, { "Node": "vm2", "CheckID": "vault-sealed-check", "Name": "Vault Sealed Status", "Status": "passing", "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server", "Output": "", "ServiceID": "vault:127.0.0.2:8200", "ServiceName": "vault", "CreateIndex": 19, "ModifyIndex": 19 } ] } ] ``` Sealed: ``` "Checks": [ { "Node": "vm2", "CheckID": "serfHealth", "Name": "Serf Health Status", "Status": "passing", "Notes": "", "Output": "Agent alive and reachable", "ServiceID": "", "ServiceName": "", "CreateIndex": 3, "ModifyIndex": 3 }, { "Node": "vm2", "CheckID": "vault-sealed-check", "Name": "Vault Sealed Status", "Status": "critical", "Notes": "Vault service is healthy when Vault is in an unsealed status and can become an active Vault server", "Output": "Vault Sealed", "ServiceID": "vault:127.0.0.2:8200", "ServiceName": "vault", "CreateIndex": 19, "ModifyIndex": 38 } ] ``` |
||
|---|---|---|
| .. | ||
| server | ||
| test-fixtures | ||
| token | ||
| audit_disable.go | ||
| audit_disable_test.go | ||
| audit_enable.go | ||
| audit_enable_test.go | ||
| audit_list.go | ||
| audit_list_test.go | ||
| auth.go | ||
| auth_disable.go | ||
| auth_disable_test.go | ||
| auth_enable.go | ||
| auth_enable_test.go | ||
| auth_test.go | ||
| capabilities.go | ||
| capabilities_test.go | ||
| command_test.go | ||
| config.go | ||
| config_test.go | ||
| delete.go | ||
| delete_test.go | ||
| format.go | ||
| format_test.go | ||
| generate-root.go | ||
| generate-root_test.go | ||
| init.go | ||
| init_test.go | ||
| key_status.go | ||
| key_status_test.go | ||
| list.go | ||
| list_test.go | ||
| mount.go | ||
| mount_test.go | ||
| mounts.go | ||
| mounts_test.go | ||
| mounttune.go | ||
| path_help.go | ||
| path_help_test.go | ||
| pgp_test.go | ||
| policy_delete.go | ||
| policy_delete_test.go | ||
| policy_list.go | ||
| policy_list_test.go | ||
| policy_write.go | ||
| policy_write_test.go | ||
| read.go | ||
| read_test.go | ||
| rekey.go | ||
| rekey_test.go | ||
| remount.go | ||
| remount_test.go | ||
| renew.go | ||
| renew_test.go | ||
| revoke.go | ||
| revoke_test.go | ||
| rotate.go | ||
| rotate_test.go | ||
| seal.go | ||
| seal_test.go | ||
| server.go | ||
| server_test.go | ||
| ssh.go | ||
| ssh_test.go | ||
| status.go | ||
| status_test.go | ||
| step-down.go | ||
| token_create.go | ||
| token_create_test.go | ||
| token_lookup.go | ||
| token_lookup_test.go | ||
| token_renew.go | ||
| token_renew_test.go | ||
| token_revoke.go | ||
| token_revoke_test.go | ||
| unmount.go | ||
| unmount_test.go | ||
| unseal.go | ||
| unseal_test.go | ||
| util.go | ||
| version.go | ||
| version_test.go | ||
| write.go | ||
| write_test.go | ||