Multi-secondary performance replication is now available on HCP Vault
HCP Vault Plus clusters can now have more than one additional performance secondary cluster per primary cluster within the same cloud provider.
We are pleased to announce the availability of performance replication with multiple secondary clusters on HashiCorp Cloud Platform (HCP) Vault. Customers will now have fully managed performance replication across many regions spread across the US, Canada, EMEA, and Asia-Pacific.
HCP Vault is a mission-critical service that provides secrets storage, authentication, and policy management. This functionality must be scalable while at the same time ensuring consistent secrets and keys are available to applications and policies are enforced at a global level. Performance replication ensures consistency and scalability to meet the needs of customers operating in geographically distributed environments.
Reducing latency and supporting customers across geographic locations and regions is top of mind for many enterprise customers interested in using Vault as a managed service. With the ability to spin up multiple secondary clusters per primary cluster, HCP Vault Plus customers can have clusters across multiple regions within the same cloud provider.
» Performance replication
Many large-scale organizations with high-throughput applications require a secrets management service that can accommodate their scale. HCP Vault has supported performance replication since 2022, however, primary clusters were allowed only one additional secondary. Now, customers can provision production-grade three-node Vault clusters across multiple regions within the same cloud provider as their primary cluster.
Replication operates in a leader-to-follower model, wherein a leader cluster (a primary) is linked to a follower cluster (a secondary). The primary cluster acts as the system of record and asynchronously replicates most Vault data. Common use cases for performance replication include:
- Multi-region deployments: Setting up two highly available, production-grade clusters across regions can be time-consuming and challenging. Running a single cluster can lead to high latency, limit scalability, and raise the risk of availability loss.
- Scaling throughput: Applications using Vault for high-volume scenarios may need additional servers to handle requests in a scalable manner.
- Reinforcing data locality: With paths filter, users can decide which secrets engines are replicated to certain regions, further controlling the distribution of secrets across their infrastructure.
» Get started with HCP Vault today
HCP Vault is generally available in both AWS and Microsoft Azure. By default, customers can deploy up to five additional secondaries per primary cluster. Depending on business needs, customers can request to raise this limit by filing a ticket with HashiCorp support. Performance replication is limited exclusively to the HCP Vault Plus tier, which can be purchased via pay-as-you-go, flexible consumption, and entitlement contracts.
You can learn more about HCP Vault on our product page and developer site. For more information about HCP Vault tiers and features, please visit the HCP Vault pricing page: all newly created accounts receive $50 in HCP credits. To get started, create a HashiCorp Cloud Platform account and try HCP Vault for yourself.
Sign up for the latest HashiCorp news
More blog posts like this one
Fix the developers vs. security conflict by shifting further left
Resolve the friction between dev and security teams with platform-led workflows that make cloud security seamless and scalable.
HashiCorp at AWS re:Invent: Your blueprint to cloud success
If you’re attending AWS re:Invent in Las Vegas, Dec. 2 - Dec. 6th, visit us for breakout sessions, expert talks, and product demos to learn how to take a unified approach to Infrastructure and Security Lifecycle Management.
HCP Vault Secrets adds enterprise capabilities for auto-rotation, dynamic secrets, and more
HCP Vault Secrets focuses on making a fast and easy path for secure development with key new features including auto-rotation (GA), dynamic secrets (beta), a new secret sync destination, and more.