On Mon, Feb 28, 2022 at 01:07:37PM +0100, Bastian Blank wrote: > On Sun, Feb 27, 2022 at 09:41:47PM -0800, Ross Vandegrift wrote: > > > We use Hashicorp Vault in my company, and we are very happy of it. It > > > works > > > well, it's safe, and has many good options. So I support the idea. > > +1 - we should talk more about how this would look. I have some thoughts. > > We could keep it simple: one VM in an autounseal supported cloud, probably > > using a storage backend from the platform. > > Yeah. That just reduces the possibilities to the large platforms.
I agree this is a downside. But we wouldn't be forever locked into a plaform - it's easy to migrate to consul (and probably raft, but I've never actally used it). > > Thanks! Bastian, do you remember how much artifact storage we use? IIRC, > > it's > > surprisingly large. salsa is still down at the moment, so I'm unable to > > check. > > It isn't that much. Let's say something below 200G, more like 50. Oh great- for some reason I thought it was like 2TB. > > > But, this is problematic not only for the cloud team. Let's hope this gets > > > fixed "soon", no? Maybe we should set a deadline for ourselves? > > 100% agreed. I don't think we need to set a deadline yet, but I think we > > should continue this conversation so we can build opinions about our > > options. > > Well, 14 months should be enough, don't you think? Sorry, I think I wasn't clear. I meant that I didn't see the need to set a specific deadline, especially if that meant that we delayed figuring out a plan. If we have momentum to figure this out now, then I think we should proceed. Ross
