vault-storage icon indicating copy to clipboard operation
vault-storage copied to clipboard

Published 20 hours ago verified publisher icon rundeck-plugins

High number of request on vault cluster

Open Thorsieger opened this issue 2 years ago • 0 comments

Hi,

I have 4 rundeck instances with a lot of jobs running every day, all plugged to my vault cluster to request passwords/keys.

I found that they made like 1.5M call to my vault over 24 hours.

For example I have one job running every 5 minutes, that run 5 jobs on 12 machines and request the same two secrets. That means, every five minutes, I have 1440 requests to my vault only for the exact same two secrets.

vault pluging version : 1.3.5 rundeck version : 3.4.10 plugin configuration :

rundeck.storage.provider.1.type=vault-storage
rundeck.storage.provider.1.path=keys
rundeck.storage.provider.1.config.prefix=rundeck
rundeck.storage.provider.1.config.secretBackend=kvXXX
rundeck.storage.provider.1.config.address=https://XXX
rundeck.storage.provider.1.config.storageBehaviour=vault
rundeck.storage.provider.1.config.engineVersion=2
rundeck.storage.provider.1.config.authBackend=approle
rundeck.storage.provider.1.config.approleId=XXX
rundeck.storage.provider.1.config.approleSecretId=XXX
rundeck.storage.provider.1.config.approleAuthMount=approle

Is there anything I forgot to add in the configuration to reduce the number of call ? some sort of caching ?

Thorsieger avatar Mar 01 '23 09:03 Thorsieger