HashiCorp Vault Storage Backend Decision Tree

With over 15 supported storage backends, it can be a bit of an arduous task to determine which storage backend should be used for a HashiCorp Vault deployment. The goal of this blog post is to help simplify that process with a simple visual decision tree that accounts for some of the common decision points when determining which storage backend to utilize for a deployment.

Development Storage Backend

The filesystem and In-memory storage backends are both great options for quickly getting started with HashiCorp Vault. The other storage backends require an external server(s) or service in order to start using them.

Preferred Production Storage Backend

The preferred storage backend is Hashicorp’s Consul product which is the only backend that checks both the high availability and Hashicorp supported boxes. The reference architecture created by HashiCorp details how Vault can be implemented in a highly available manner using HashiCorp consul.

Cloud Agnostic Highly Available Backend Options

The following storage backends are viable options for cloud agnostic solutions that allow any underlying IaaS platform to be used given that the backend isn’t tied to a particular cloud provider’s managed service.

  • HashiCorp Consul
  • Etcd
  • Zookeeper

Cloud-Specific Backend Options

There a number of public cloud managed services that can be leveraged as a storage backend. The benefit of these options are that they are managed services provided by public cloud providers and become extremely compelling if there are existing workloads in one of those public clouds.

  • AWS S3
  • AWS DynamoDB
  • Azure Storage Container
  • Triton Manta Object Storage
  • GCP Cloud Storage
  • GCP Cloud Spanner

References

Hashicorp Storage Backend
HashiCorp Reference Architecture


To stay up-to-date on the latest in tech news and events, follow AHEAD on Twitter and LinkedIn or subscribe to our newsletter above.

(This blog post originally appeared on GreenReedTech.com.)



mm
Author: Martez Reed
Martez Reed is a Cloud Engineer with experience building automation solutions encompassing Jenkins, Puppet, Terraform, Docker and various other DevOps tools. A passion for educating others on all things technology and a love for learning new things, he brings a wealth of knowledge to AHEAD.

Leave a Reply