Secrets Store Architecture
EGI Secrets Store is based on HashiCorp Vault and is fully integrated with EGI Check-in, so users can access it with their community credentials.
Important
When this service is adopted by an application, it becomes a critical dependency for that application, thus the EGI Secrets Store is implemented using a highly-available (HA) approach.
Service design
Multiple Vault servers in HA mode, located at different geographical locations (in different resource centres), are connected into a cluster, with one active and multiple standby instances. Data is replicated among servers using the Raft consensus algorithm supported by the Vault Integrated Storage.
Should the active server fail, one of the standby servers automatically becomes active. Each server runs a periodic check, and the active one updates the main service endpoint to point to itself via Dynamic DNS.
Service endpoints
During normal operation users can access any of the nodes of EGI Secrets Store directly:
Note
Accessing EGI Secrets Store via the node endpoints is not recommended: if a server is down, its endpoint is not accessible.
For convenience and high availability, use the generic endpoint to access the service. The generic endpoint is pointed to one of the service nodes automatically via Dynamic DNS: a simple cron script periodically checks the servers and assigns the generic hostname to a healthy one.
If the server behind the generic endpoint suffers an unscheduled downtime, the recovery time of the generic endpoint is T+1 minutes, where T is the interval between cron checks (usually 1 minute). In the case of scheduled downtime for maintenance, administrators simply assign the generic endpoint to another server instance.
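The selection step of such a health-check script, as an added illustration that is not the EGI Secrets Store's own cron script: each node is probed on Vault's unauthenticated /v1/sys/health endpoint, whose HTTP status encodes the node's role, and the generic hostname is moved only when its current target no longer reports active. The node names and sample responses are constructed, and the actual DNS record update is left to whatever Dynamic DNS client the site uses.

```python
import json
import urllib.error
import urllib.request

# Vault's unauthenticated /v1/sys/health call encodes the node's role in the
# HTTP status: 200 = initialized, unsealed and active; 429 = unsealed standby;
# 501 = not initialized; 503 = sealed. The body repeats this in "sealed"/"standby".
ACTIVE, STANDBY, UNINITIALIZED, SEALED = 200, 429, 501, 503


def fetch_health(base_url, timeout=3):
    """Probe one node: (http_status, body), or (None, {}) if it is unreachable."""
    try:
        with urllib.request.urlopen(f"{base_url}/v1/sys/health", timeout=timeout) as r:
            return r.status, json.load(r)
    except urllib.error.HTTPError as err:  # 429/501/503 surface as HTTPError
        return err.code, json.load(err)    # sys/health always answers with JSON
    except (urllib.error.URLError, OSError):  # node down: no endpoint at all
        return None, {}


def pick_target(current, health_by_node):
    """Decide which node the generic hostname should resolve to.

    health_by_node maps node name -> (status, body) as fetch_health returns it.
    Keep the current target while it still reports active (no needless DNS
    churn); otherwise move to any active node; with none active, fall back to
    an unsealed standby, which forwards requests to the active node.
    """
    def is_active(node):
        status, body = health_by_node.get(node, (None, {}))
        return status == ACTIVE and body.get("sealed") is False

    if is_active(current):
        return current
    for node in sorted(health_by_node):
        if is_active(node):
            return node
    for node in sorted(health_by_node):
        status, body = health_by_node[node]
        if status == STANDBY and body.get("sealed") is False:
            return node
    return current  # nothing healthy: leave the record alone and alert


if __name__ == "__main__":  # constructed run: current target down, one node sealed
    sample = {"vault-1": (None, {}), "vault-2": (SEALED, {"sealed": True}),
              "vault-3": (ACTIVE, {"sealed": False, "standby": False})}
    print(pick_target("vault-1", sample))  # vault-3
```

Run once per cron interval with the real node URLs fed through fetch_health; the T+1 minute recovery time described above is this interval plus the DNS propagation of the updated record.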