Navigating the New HashiCorp Enterprise License Deployment Process

We recently introduced a new licensing deployment process to the enterprise offerings of Consul, Nomad, and Vault. The changes will affect product upgrades and the server instances’ boot-up order of operations. This is a minor but important change that brings our product licensing in line with industry best practices. Further, many customers have asked for enhanced automation for license loading. We're using this change as an opportunity to simplify the license loading operation.

A learning guide is available to help you install an enterprise license. Check out the Install a HashiCorp Enterprise License tutorial for detailed guidance.

»The New Enterprise License Process

The new license enablement process ships with Consul Enterprise 1.10, Nomad Enterprise 1.1, and Vault Enterprise 1.8. In these product versions, HashiCorp Enterprise servers will no longer start without a license.

Instead, the server boot-up process introduces a license check. When the server instance initializes the license watcher, it will read from an environment variable or file. If the license is missing, invalid, or expired, the server will immediately exit. Read on for more details on how this process functions.

Vault Enterprise will retain the capability of looking up a license from storage. However, this capability will be deprecated in a future release, and customers must provide an enterprise license through the process mentioned above.

In previous versions of HashiCorp enterprise products, one server could distribute a license to other servers via the Raft protocol. This method will no longer work since each server must find a valid license during the startup process.

»License Frequently Asked Questions (FAQ)

You can find a product-specific FAQ on each of the products' documentation pages.

• Consul
• Nomad
• Vault

»Boot-Up Process Flow

Here is a closer look at the boot-up process, and the available options for providing a license to the server instances.

As mentioned previously, the server instances expect a valid license to be available during the boot-up process. The license order of precedence for the boot-up process is the following:

1. file_path specified in the configuration file.
2. CONSUL_LICENSE, NOMAD_LICENSE, VAULT_LICENSE environment variable.
3. CONSUL_LICENSE_PATH, NOMAD_LICENSE_PATH, VAULT_LICENSE_PATH environment variable

The license watcher process verifies that a valid license is available during the boot-up process by following the license order of precedence. The diagram below shows how the process works and the license search order.

»Request a Trial License

You can download a 30-day free trial license for any HashiCorp enterprise product. Follow the links below and agree to the terms of service. Upon completing the form, you will observe a license key on the screen and receive an email containing the license.

• Consul
• Nomad
• Vault

Don’t have your enterprise license handy? Got other questions? HashiCorp Enterprise customers may contact their organization's customer success manager (CSM) or email support-softwaredelivery@hashicorp.com.

»Next Steps

The license enablement process is different starting with Consul Enterprise 1.10, Nomad Enterprise 1.10, and Vault Enterprise 1.8. Read the Install a HashiCorp Enterprise License tutorial for detailed guidance on how to configure a server instance with an enterprise license.

We don’t foresee an impact on other aspects of your incumbent automation tooling. If you have any specific questions, please reach out to your account team or email us on support-softwaredelivery@hashicorp.com. We are standing by to help.