mirror of
https://github.com/hashicorp/vault.git
synced 2026-03-08 00:11:33 -05:00
1329a6b506
The previous strategy for provisioning infrastructure targets was to use the cheapest instances that could reliably perform as Vault cluster nodes. With this change we introduce a new model for target node infrastructure. We've replaced on-demand instances for a spot fleet. While the spot price fluctuates based on dynamic pricing, capacity, region, instance type, and platform, cost savings for our most common combinations range between 20-70%. This change only includes spot fleet targets for Vault clusters. We'll be updating our Consul backend bidding in another PR. * Create a new `vault_cluster` module that handles installation, configuration, initializing, and unsealing Vault clusters. * Create a `target_ec2_instances` module that can provision a group of instances on-demand. * Create a `target_ec2_spot_fleet` module that can bid on a fleet of spot instances. * Extend every Enos scenario to utilize the spot fleet target acquisition strategy and the `vault_cluster` module. * Update our Enos CI modules to handle both the `aws-nuke` permissions and also the privileges to provision spot fleets. * Only use us-east-1 and us-west-2 in our scenario matrices as costs are lower than us-west-1. Signed-off-by: Ryan Cragun <me@ryan.ec> |
||
|---|---|---|
| .. | ||
| autopilot_upgrade_storageconfig | ||
| az_finder | ||
| backend_raft | ||
| build_crt | ||
| build_local | ||
| generate_secondary_token | ||
| get_local_metadata | ||
| k8s_deploy_vault | ||
| k8s_vault_verify_build_date | ||
| k8s_vault_verify_replication | ||
| k8s_vault_verify_ui | ||
| k8s_vault_verify_version | ||
| k8s_vault_verify_write_data | ||
| load_docker_image | ||
| local_kind_cluster | ||
| read_license | ||
| shutdown_multiple_nodes | ||
| shutdown_node | ||
| target_ec2_instances | ||
| target_ec2_spot_fleet | ||
| vault_agent | ||
| vault_artifactory_artifact | ||
| vault_cluster | ||
| vault_get_cluster_ips | ||
| vault_raft_remove_peer | ||
| vault_setup_perf_primary | ||
| vault_setup_perf_secondary | ||
| vault_test_ui | ||
| vault_unseal_nodes | ||
| vault_upgrade | ||
| vault_verify_agent_output | ||
| vault_verify_autopilot | ||
| vault_verify_performance_replication | ||
| vault_verify_raft_auto_join_voter | ||
| vault_verify_read_data | ||
| vault_verify_replication | ||
| vault_verify_ui | ||
| vault_verify_undo_logs | ||
| vault_verify_unsealed | ||
| vault_verify_version | ||
| vault_verify_write_data | ||