Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vault rekeying documentation clarification #3306

Closed
jhmartin opened this issue Sep 8, 2017 · 0 comments
Closed

Vault rekeying documentation clarification #3306

jhmartin opened this issue Sep 8, 2017 · 0 comments
Milestone
0.9.1

Comments

@jhmartin
Copy link
Contributor

jhmartin commented Sep 8, 2017
edited
Loading

https://www.vaultproject.io/guides/rekeying-and-rotating.html#rekeying-vault states "Rekeying the Vault requires a quorum of unseal keys. Before continuing, you should ensure all unseal key holders are available to assist with the rekeying." (emphasis mine)

The presence of the word 'all' is confusing, as in my test on 0.8.2 where I had initialized with shares=3 and threshold=2, I was able to rekey with just 2. This line should clarify if a majority is required or if just $threshold is required.

It should also clarify that rekeying does not affect the seal status of any other nodes in the cluster.
jefferai added a commit that referenced this issue Dec 2, 2017
@jefferai
Update some rekey docs
dc70f13 
Fixes #3306
@jefferai jefferai added this to the 0.9.1 milestone Dec 2, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.9.1
Development

No branches or pull requests
2 participants
@jefferai @jhmartin