Background
If Vault uses integrated storage, the Autopilot manages the raft cluster by default starting Vault v1.7.x. Server stabilization works by default, but you'll need to explicitly enable dead server cleanup.
Need
For any known/unknown reason, how can we permanently disable the Integrated Storage (RAFT) Autopilot feature?
Solution
Set an environment variable called "VAULT_RAFT_AUTOPILOT_DISABLE" with any non-empty value. For example:
export VAULT_RAFT_AUTOPILOT_DISABLE=1
'or'
export VAULT_RAFT_AUTOPILOT_DISABLE=True
Once you set this environment variable, you'll observe that Vault will honor this variable in its startup sequence like below:
:~$ vault server -config config.hcl
==> Vault server configuration:
Api Address: http://127.0.0.1:8200
Cgo: disabled
Cluster Address: https://127.0.0.1:8201
Environment Variables: DBUS_SESSION_BUS_ADDRESS, GODEBUG, HOME, LANG, LESSCLOSE, LESSOPEN, LOGNAME, LS_COLORS, MOTD_SHOWN, PATH, PWD, SHELL, SHLVL, SSH_CLIENT, SSH_CONNECTION, SSH_TTY, TERM, USER,
VAULT_RAFT_AUTOPILOT_DISABLE, XDG_DATA_DIRS, XDG_RUNTIME_DIR, XDG_SESSION_CLASS, XDG_SESSION_ID, XDG_SESSION_TYPE, _
Go Version: go1.20.3
Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
Log Level: trace
Mlock: supported: true, enabled: false
Recovery Mode: false
Storage: raft (HA available)
Version: Vault v1.13.2+ent, built 2023-04-25T19:30:45Z
Version Sha: ca5ea376af76440caa5e82e9b659b9e7c09268b4
==> Vault server started! Log data will stream in below:
Now, if you would try setting the Autopilot config, Vault would give you a "runtime error: invalid memory address or nil pointer dereference" in its operational logs. Also, the CLI will show like:
:~$ vault operator raft autopilot set-config
Put "http://127.0.0.1:8200/v1/sys/storage/raft/autopilot/configuration": EOF