scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-31 10:37:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
672cdc0fdb35daa04ad9c59ff2146d94e8f7dc4f
vault/website/content/docs/configuration/storage/mysql.mdx
Bryce Kalow e27b43c482 feat(website): migrates nav data format and updates docs pages (#11242) 
* migrates nav data format and updates docs pages

* removes sidebar_title from content files
2021-04-06 13:49:04 -04:00

101 lines
3.5 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
layout: docs
page_title: MySQL - Storage Backends - Configuration
description: |-
The MySQL storage backend is used to persist Vault's data in a MySQL server or
cluster.
---
# MySQL Storage Backend
The MySQL storage backend is used to persist Vault's data in a [MySQL][mysql]
server or cluster.
- **High Availability** the MySQL storage backend supports high availability.
Note that due to the way mysql locking functions work they are lost if a connection
dies. If you would like to not have frequent changes in your elected leader you
can increase interactive_timeout and wait_timeout MySQL config to much higher than
default which is set at 8 hours.
- **Community Supported** the MySQL storage backend is supported by the
community. While it has undergone review by HashiCorp employees, they may not
be as knowledgeable about the technology. If you encounter problems with them,
you may be referred to the original author.
```hcl
storage "mysql" {
username = "user1234"
password = "secret123!"
database = "vault"
}
```
## `mysql` Parameters
- `address` `(string: "127.0.0.1:3306")` Specifies the address of the MySQL
host.
- `database` `(string: "vault")` Specifies the name of the database. If the
database does not exist, Vault will attempt to create it.
- `table` `(string: "vault")` Specifies the name of the table. If the table
does not exist, Vault will attempt to create it.
- `tls_ca_file` `(string: "")` Specifies the path to the CA certificate to
connect using TLS.
- `plaintext_credentials_transmission` `(string: "")` - Provides authorization
to send credentials over plaintext. Failure to provide a value AND a failure
to provide a TLS CA certificate will warn that the credentials are being sent
over plain text. In the future, failure to do acknowledge or use TLS will
result in server start being prevented. This will be done to ensure credentials
are not leaked accidentally.
- `max_parallel` `(string: "128")` Specifies the maximum number of concurrent
requests to MySQL.
- `max_idle_connections` `(string: "0")` Specifies the maximum number of idle
connections to the database. A zero uses value defaults to 2 idle connections
and a negative value disables idle connections. If larger than
`max_parallel` it will be reduced to be equal.
- `max_connection_lifetime` `(string: "0")` Specifies the maximum amount of
time in seconds that a connection may be reused. If <= 0s connections are reused forever.
Additionally, Vault requires the following authentication information.
- `username` `(string: <required>)` Specifies the MySQL username to connect to
the database.
- `password` `(string: <required>)` Specifies the MySQL password to connect to
the database.
### High Availability Parameters
- `ha_enabled` `(string: "true")` - Specifies if high availability mode is
enabled. This is a boolean value, but it is specified as a string like "true"
or "false".
- `lock_table` `(string: "vault_lock")` Specifies the name of the table to
use for storing high availability information. By default, this is the name
of the `table` suffixed with `_lock`. If the table does not exist, Vault will
attempt to create it.
## `mysql` Examples
### Custom Database and Table
This example shows configuring the MySQL backend to use a custom database and
table name.
```hcl
storage "mysql" {
database = "my-vault"
table = "vault-data"
username = "user1234"
password = "pass5678"
}
```
[mysql]: https://dev.mysql.com
Reference in New Issue View Git Blame Copy Permalink