Upgrade Vault to 1.2.3

We’ve recently upgraded our Vault setups to version 1.2.3, which is the latest Vault version available at the moment. Compared to version 1.0.1, there are a bunch of bug fixes and multiple improvements under the hood. You can check the full changelog here.

As Vault is set up in HA, the downtime of the upgrade will be minimal, normally between half a second and a couple of seconds, which is the time it takes the master server to fail-over to the secondary. The upgrade procedure to achieve that minimal downtime is the following:

  1. Replace standby instance
  2. Unseal new standby instance
  3. Fail-over to new standby instance
  4. Replace the second instance (the one that was previously master)
  5. Unseal the second instance

As you own the unseal keys, we’ll need to coordinate with you for this upgrade, so you can expect a communication from us during the next few days to schedule a time to do it.