Problem
Terraform Enterprise utilizes an internal instance of Vault to encrypt and decrypt sensitive values.
If there are interruptions to communication between vault and it's storage backend, it may be unable to perform these operations and Terraform Enterprise will present the following error message:
Error fetching data
Vault, a service used to store secrets in Terraform
Enterprise, has encountered an error retrieving a secret.
This can mean the vault is sealed and needs to be
unsealed to resume operations.
Cause
Terraform Enterprise's internal Vault instance has become sealed due to a loss in connectivity to its storage backend. This is often caused after a restart/failover of the PostgreSQL DB instance.
Overview of possible solutions
There are multiple possible solutions for this issue. You can attempt one solution at a time, in the order presented below.
Solution 1:
- Restart the affected container
docker stop tfe-vaultdocker start tfe-vault
For releases prior to v202205-1, the container is named ptfe_vault
Solution 2:
- Restart the application
replicatedctl app stopreplicatedctl app start
Solution 3:
- Disable SSL by adding the following value to the postgres optional extra parameters in the replicated dashboard:
sslmode=disable
Solution 4:
- If on a release prior to
v202110-1, upgrade tov202110-1or later
Outcome
If the issue persists after attempting the solutions above, please reach out to HashiCorp Support for additional assistance.