README.md 1.22 KB
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# Load balancer for HashiCorp's Vault Cluster
  
This Terraform setup creates a load balancer for a
[Vault](https://www.vaultproject.io/).
The target cloud platform is CADES OpenStack.
The [HashiCorp Vault Load Balancer AWS
Module](https://github.com/hashicorp-modules/vault-lb-aws)
was used to develop this OpenStack version of the module.
The [CADES HAProxy Load Balancer Module](https://code.ornl.gov/rse-terraform-modules/cades-load-balancer-haproxy) 
was used for the load balancer itself.
The requirements for each port are described in the
[Vault Reference Architecture](https://learn.hashicorp.com/tutorials/vault/reference-architecture) docs.
The steps are:
1. Setup the security group for the load balancer
2. Add rules to the security group
3. Setup the load balancer with following port map:

| frontend | backend |
|----------|---------|
| 80       | 8200    |
| 443      | 8200    |
| 8200     | 8200    |

The only inputs are:
1. `name` - name of the load balancer instance
2. `vault_servers` - list of IPs for the backend servers of the Vault cluster

**NOTE:** - Must have the backend servers listen on ports 8200
and have a security group that allows for access to those ports.
See the `examples` directory for a working example.