Comment 5 for bug 1809377

Tim Van Steenburgh (tvansteenburgh) wrote : Re: [Bug 1809377] Re: Scale out broken

>
> Canonical OpenStack supports full disk encryption. It does this using
> vault. vault uses etcd as a backing store. etcd gets its TLS from
> easyrsa.
>

In this case I suspect that EasyRSA is there to bootstrap etcd certs, since
etcd must be up-and-running in order for Vault to enter HA mode. But you
can also achieve the same result without EasyRSA, by starting with a single
unit of Vault (which provides certs to etcd), and then scaling Vault up
after etcd is running.