-
Notifications
You must be signed in to change notification settings - Fork 4.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add reading guide for designing Vault clusters (#26947)
- Loading branch information
Showing
2 changed files
with
54 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| --- | ||
| layout: docs | ||
| page_title: Vault Enterprise cluster design | ||
| description: >- | ||
| Instructions and best practices for cluster design with Vault Enterprise. | ||
| --- | ||
|
|
||
| # Design your Vault Enterprise cluster | ||
|
|
||
| @include 'alerts/enterprise-only.mdx' | ||
|
|
||
| If you want to implement a robust Vault cluster, you need to understand how | ||
| Vault manages clusters, storage, and replication. | ||
|
|
||
| ## Before you start | ||
|
|
||
| - **Complete the [HashiCorp Enterprise Academy Onboarding](https://onboarding.hashicorp.com/trainings) for Vault**. | ||
| - **Watch the [Raft consensus demo](https://thesecretlivesofdata.com/raft/) demo**. | ||
|
|
||
| ## Step 1: Plan your cluster architecture | ||
|
|
||
| 1. Review the [Integrated storage](/vault/docs/concepts/integrated-storage) | ||
| overview to learn the basics about Vault integrated storage. | ||
| 1. Review the [Vault multi-cluster architecture guide](/well-architected-framework/zero-trust-security/multi-cluster-architecture) | ||
| to learn the best practices for running multiple Vault clusters. | ||
| 1. Review the [Vault Enterprise replication overview](/vault/docs/enterprise/replication) | ||
| to learn the differences between performance replication and disaster | ||
| recovery replication. | ||
| 1. Review the [Vault with integrated storage reference architecture](/well-architected-framework/zero-trust-security/raft-reference-architecture) | ||
| guide to learn the best practices for using Vault integrated storage | ||
| in a zero-trust security posture. | ||
|
|
||
| ## Step 2: Review anti-patterns for Vault configuration | ||
|
|
||
| You can help keep your Vault environments healthy by avoiding established | ||
| anti-patterns. | ||
|
|
||
| The Hashicorp Well-architected framework documentation provides in-depth | ||
| [Vault anti-patterns](/vault/docs/concepts/integrated-storage) guidance based on | ||
| lessons learned by customers operating Vault in the field. | ||
|
|
||
| ## Step 3: Plan for maintenance at scale | ||
|
|
||
| The easiest way to run Vault at scale is to manage Vault programmatically with | ||
| Terraform and Sentinel. | ||
|
|
||
| 1. Review the [Terraform intro](/terraform/intro). | ||
| 1. Review the [Programmatic best practices](/well-architected-framework/operational-excellence/operational-excellence-managing-vault-with-terraform) | ||
| guide to learn about managing Vault through Terraform. | ||
| 1. Review the [Vault namespaces recommendations](/vault/tutorials/enterprise/namespace-structure#use-namespaces-sparingly). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters