A Vault upgrade for our setups was long overdue. We’ve upgraded our Vault installation tools from version 0.9.3 to 1.0.1, which is the latest Vault version available at the moment. As Vault is set up as HA, the downtime of the upgrade will be minimal, normally between half a second and a couple of seconds, which is the time the fail-over takes. The upgrade procedure to achieve that minimal downtime is the following:
- Replace standby instance
- Unseal new standby instance
- Fail-over to new standby instance
- Replace the second instance (the one that was previously master)
- Unseal the second instance
As you own the unseal keys, we’ll need to coordinate with you for this upgrade, so you can expect a communication from us during the next few days to schedule a time to do it.
The new Vault version comes with a lot of fixes, improvements and new features. You can check the full changelog here. One of these new features is the web UI, which allows you to use Vault from the web browser. This new web UI is optional and can be enabled during the upgrade.