upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-03-22 18:33:53 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
vault/website/source/docs/http/sys-replication-primary.html.md
Andy Manoske 38d70b7eb7 Vault_Enterprise_WWW (#2327)
2017-03-15 14:31:14 -04:00

4.5 KiB
Raw Blame History

layout page_title sidebar_current description
http HTTP API: /sys/repliation/primary docs-http-replication-primary The '/sys/replication/primary' endpoint focuses on managing replication behavior for a primary cluster, including management of secondaries.

/sys/replication/primary/enable

POST

Description
Enables replication in primary mode. This is used when replication is currently disabled on the cluster (if the cluster is already a secondary, it must be promoted). 
Caution: only one primary should be active at a given time. Multiple
primaries may result in data loss!
Method
POST
URL
`/sys/repliation/primary/enable`
Parameters
  • primary_cluster_addr /span> optional Can be used to override the cluster address that the primary gives to secondary nodes. Useful if the primarys cluster address is not directly accessible and must be accessed via an alternate path/address, such as through a TCP-based load balancer.
Returns
`200` response code with a warning.

/sys/replication/primary/demote

POST

Description
Demotes a primary cluster to a secondary. This secondary cluster will not attempt to connect to a primary (see the update-primary call), but will maintain knowledge of its cluster ID and can be reconnected to the same replication set without wiping local storage.
Method
POST
URL
`/sys/repliation/primary/demote`
Parameters
None
Returns
`200` response code with a warning.

/sys/replication/primary/disable

POST

Description
Disable replication entirely on the cluster. Any secondaries will no longer be able to connect. Caution: re-enabling this node as a primary or secondary will change its cluster ID; in the secondary case this means a wipe of the underlying storage when connected to a primary, and in the primary case, secondaries connecting back to the cluster (even if they have connected before) will require a wipe of the underlying storage.
Method
POST
URL
`/sys/repliation/primary/disable`
Parameters
None
Returns
`200` response code with a warning..

/sys/replication/primary/secondary-token

GET

Description
Requires sudo capability. Generate a secondary activation token for the cluster with the given opaque identifier, which must be unique. This identifier can later be used to revoke a secondary's access.
Method
GET
URL
`/sys/replication/primary/secondary-token`
Parameters
  • id required An opaque identifier, e.g. us-east
  • ttl optional The TTL for the secondary activation token. Defaults to "30m".
Returns
```javascript
{
  "request_id": "",
  "lease_id": "",
  "lease_duration": 0,
  "renewable": false,
  "data": null,
  "warnings": null,
  "wrap_info": {
    "token": "fb79b9d3-d94e-9eb6-4919-c559311133d6",
    "ttl": 300,
    "creation_time": "2016-09-28T14:41:00.56961496-04:00",
    "wrapped_accessor": ""
  }
}
```

/sys/replication/primary/revoke-secondary

POST

Description
Revoke a secondarys ability to connect to the primary cluster; the secondary will immediately be disconnected and will not be allowed to connect again unless given a new activation token.
Method
URL
`/sys/replication/secondary/revoke-secondary`
Parameters
  • id required The identifier used when fetching the secondary token.
Returns
`200` response code with a warning.