operator raft
This command groups subcommands for operators to manage the integrated Raft storage backend.
join
This command is used to join a new node as a peer to the Raft cluster. In order to join, there must be at least one existing member of the cluster. If Shamir seal is in use, then unseal keys are to be supplied before or after the join process, depending on whether it's being used exclusively for HA.
If raft is used for storage
, the node must be joined before unsealing and the
leader-api-addr
argument must be provided. If raft is used for ha_storage
,
the node must be first unsealed before joining and the leader-api-addr
must
not be provided.
Parameters
The following flags are available for the operator raft join
command.
-leader-ca-cert
(string: "")
- CA cert to communicate with Raft leader.-leader-client-cert
(string: "")
- Client cert to to authenticate to Raft leader.-leader-client-key
(string: "")
- Client key to to authenticate to Raft leader.-non-voter
(bool: false) (enterprise)
- This flag is used to make the server not participate in the Raft quorum, and have it only receive the data replication stream. This can be used to add read scalability to a cluster in cases where a high volume of reads to servers are needed. The default is false.-retry
(bool: false)
- Continuously retry joining the Raft cluster upon failures. The default is false.
list-peers
This command is used to list the full set of peers in the Raft cluster.
Example Output
remove-peer
This command is used to remove a node from being a peer to the Raft cluster. In certain cases where a peer may be left behind in the Raft configuration even though the server is no longer present and known to the cluster, this command can be used to remove the failed server so that it is no longer affects the Raft quorum.
snapshot
This command groups subcommands for operators interacting with the snapshot
functionality of the integrated Raft storage backend. There are 2 subcommands
supported: save
and restore
.
snapshot save
Takes a snapshot of the Vault data. The snapshot can be used to restore Vault to the point in time when a snapshot was taken.
Note: Snapshot is not supported when Raft is used for ha_storage
.
snapshot restore
Restores a snapshot of Vault data taken with vault operator raft snapshot save
.