HashiConf 2025 Don't miss the live stream of HashiConf Day 2 happening now View live stream
Vault
Vault Home

You are viewing documentation for version v1.19.x. View latest version.

Rollback a Vault upgrade

Vault supports in-place upgrades but does not support automatic rollbacks.

Before you start

  • You must have sudo permissions on the Vault server. Make sure you have can install binaries on the Vault server.
  • You must have admin permissions for Vault. Make sure you can stop and start the Vault process.
  • Identify unseal candidates. Identify and notify enough people with unseal shards to meet the unseal threshold after restart.

Basic rollback process

To rollback a Vault upgrade:

  1. Use SIGINT or SIGTERM to shut down Vault.

    $ kill <vault_pid>

  2. Install your previous version of Vault over your existing instance.

  3. Replace the upgraded Vault data store with your pre-upgrade snapshot.

  4. Replace the upgraded Vault configuration with your pre-upgrade configuration.

  5. Start Vault.

  6. Verify the current version:

    $ vault status | grep Version

  7. Unseal Vault.

  8. Test the rollback.

Edit this page on GitHub