The Vault platform takes full advantage of cloud-native architecture and is deployed to multiple data centres in an active-active setup, making it resilient to failure. This allows the platform to recover from issues without interruption to the bank's customers.
The Vault platform has been built from the ground up harnessing all the strengths of cloud infrastructure. This is a fundamentally different approach from the practice of simply porting legacy software into the cloud. Such an approach confers no additional benefits in resilience or availability.
All layers of the Vault stack are built around the principles of self-healing, automation and 'zero-touch prod'. This means that the Vault platform can automatically recover from failures without manual intervention, such as service or node failures. The platform is deployed alongside a sophisticated monitoring stack which captures logs and thousands of metrics for incident resolution and trend analysis.
We have implemented additional cloud-specific features to ensure the highest levels of resilience. The Vault platform can be deployed across multiple data centres, in an active-active state, spread across multiple AZs, ensuring uptime in the unlikely event of a failure. Data is physically and logically replicated across data centres to offer high levels of durability, while backups are taken on a regular basis.
Upgrades are fully automatic and do not require any downtime. This is achieved by performing rolling blue/green updates, ensuring that new services are ready to receive traffic before they are added to the pool of active services. All updated services must be up and running before the old services are torn down, and the rollout will automatically be paused if there are any issues.