Hashicorp VaultΒΆ
Metric |
Target |
|---|---|
RPO |
2 hours (backup every 2 hours) |
RTO |
4 hours |
Note
Vault is currently being migrated from Bregenz to Hetzner.
We use Hashicorp Vault to store secrets. It is available at https://vault.bregenz.a1.cr8.net:8200. Note that the DNS will stay the same even when it is migrated to Hetzner.
Vault uses Consul as the storage mechanism.
The backup procedure for Vault/Consul is well documented in the infrastructure docs.
tldr: the backups are in the cr8-backup-us-east-1 s3 bucket and use the standard Consul
backup mechanism, as described in the infrastructure docs.