[Feature Request] Ability to use a list of Vault nodes

Question

[Feature Request] Ability to use a list of Vault nodes

voiprodrigo opened this issue 4 years ago · 3 comments

Hi,

It would be useful (for me at least) if lookup could use a list of node URL's, instead of a single one.
Then, in two situations it could automatically try the next node in the list:

in case there's no response from the node (maybe it's down or unreachable) (connection exception)
in case the node is sealed (response exception)

Thanks.

Answer 1 · 2020-09-05T18:29:39.000Z

if we allow vault_uri to be an Array, and allow VAULT_ADDR to be a comma separated string of addresses, then we can do something like this:
voxpupuli/puppet-jenkins#904 on connection failure, we advance to the next node in the array

would you be up for writing this patch?

Answer 2 · 2020-09-05T22:01:42.000Z

I would, yes. I'll try to open a PR soon.

Answer 3 · 2020-09-06T11:14:11.000Z

Note that https://github.com/puppetlabs/puppet/blob/main/lib/puppet/util/retry_action.rb does exist and is probably a better approach than I took in my other PR.