Multi-secondary performance replication is now available on HCP Vault
HCP Vault Plus clusters can now have more than one additional performance secondary cluster per primary cluster within the same cloud provider.
We are pleased to announce the availability of performance replication with multiple secondary clusters on HashiCorp Cloud Platform (HCP) Vault. Customers will now have fully managed performance replication across many regions spread across the US, Canada, EMEA, and Asia-Pacific.
HCP Vault is a mission-critical service that provides secrets storage, authentication, and policy management. This functionality must be scalable while at the same time ensuring consistent secrets and keys are available to applications and policies are enforced at a global level. Performance replication ensures consistency and scalability to meet the needs of customers operating in geographically distributed environments.
Reducing latency and supporting customers across geographic locations and regions is top of mind for many enterprise customers interested in using Vault as a managed service. With the ability to spin up multiple secondary clusters per primary cluster, HCP Vault Plus customers can have clusters across multiple regions within the same cloud provider.
» Performance replication
Many large-scale organizations with high-throughput applications require a secrets management service that can accommodate their scale. HCP Vault has supported performance replication since 2022, however, primary clusters were allowed only one additional secondary. Now, customers can provision production-grade three-node Vault clusters across multiple regions within the same cloud provider as their primary cluster.
Replication operates in a leader-to-follower model, wherein a leader cluster (a primary) is linked to a follower cluster (a secondary). The primary cluster acts as the system of record and asynchronously replicates most Vault data. Common use cases for performance replication include:
- Multi-region deployments: Setting up two highly available, production-grade clusters across regions can be time-consuming and challenging. Running a single cluster can lead to high latency, limit scalability, and raise the risk of availability loss.
- Scaling throughput: Applications using Vault for high-volume scenarios may need additional servers to handle requests in a scalable manner.
- Reinforcing data locality: With paths filter, users can decide which secrets engines are replicated to certain regions, further controlling the distribution of secrets across their infrastructure.
» Get started with HCP Vault today
HCP Vault is generally available in both AWS and Microsoft Azure. By default, customers can deploy up to five additional secondaries per primary cluster. Depending on business needs, customers can request to raise this limit by filing a ticket with HashiCorp support. Performance replication is limited exclusively to the HCP Vault Plus tier, which can be purchased via pay-as-you-go, flexible consumption, and entitlement contracts.
You can learn more about HCP Vault on our product page and developer site. For more information about HCP Vault tiers and features, please visit the HCP Vault pricing page: all newly created accounts receive $50 in HCP credits. To get started, create a HashiCorp Cloud Platform account and try HCP Vault for yourself.
Sign up for the latest HashiCorp news
More blog posts like this one
Vault integrations with MongoDB, Private Machines, and walt.id strengthen customer security
Three new HashiCorp Vault ecosystem integrations extend security use cases for customers.
HashiCorp at re:Invent 2024: Security Lifecycle Management with AWS
A recap of HashiCorp security news and developments on AWS from the past year, for your security management playbook.
HCP Vault Dedicated adds secrets sync, cross-region DR, EST PKI, and more
The newest HCP Vault Dedicated 1.18 upgrade includes a range of new features that include expanding DR region coverage, syncing secrets across providers, and adding PKI EST among other key features.