Difference between Spring Cloud Vault and Spring Cloud Config with Vault backend - spring

What is the difference between the followings?
Spring Cloud Vault - http://cloud.spring.io/spring-cloud-vault/
Spring Cloud Config Server with Vault backend - http://cloud.spring.io/spring-cloud-static/Camden.SR4/#_spring_cloud_config_server

Spring Cloud Vault is more lightweight because it does not require to run a java server (Spring Cloud Config Server) as a frontend for Vault, your Spring Boot app connects directly to Vault.
I have a small demo: https://github.com/gmarziou/demo-spring-cloud-vault

Related

How to change the load sequence for Azure key vault and spring cloud config?

I'm using the Azure key vaults just follow this doc.
and spring cloud config server ,
i put the configurations of key vaults in spring cloud config
but found out when application start, the Azure key vaults is load before spring cloud config
so means i can not get the azure configs in spring cloud.
is there a way to change the load sequence?
make the spring cloud configs load in firstly

Is Service binding approach using spring cloud connectors relevant when credentials are stored in Vault?

I have been using the Spring cloud Service connectors for Pivotal cloud foundry for a long time which gets the connection details from the VCAP_SERVICES env variable. Now we have a requirement to read these credentials from Vault . I am just curious , Can I still continue to use the Service binding approach with spring cloud connector ? I would assume we don't want to expose these credentials from vault to an VCAP_SERVICES variable which defeat the purpose of the vault. Has there been any enhancements in Spring cloud connectors to read the credentials directly from Vault rather than depending the VCAP_SERVICES env variable or should I resort back to the Spring boot's default Application Properties based approach instead of the service binding approach using cloud connectors ?
The Spring Cloud Connectors project is now in maintenance mode, in favor of the newer Java CFEnv project. However, Java CFEnv is also very specific to Cloud Foundry's VCAP_SERVICES model of exposing service bindings and won't help you if the service connection info is in Vault.
I would suggest that you fall back to the Spring Boot properties-based approach using Spring Cloud Vault or Spring Cloud Config Server's Vault integration to automate fetching the properties from Vault and making them available as Spring Boot properties.

Difference between spring cloud config server vs consul?

I am confused when to use spring cloud config server and consul.
Both will read configurations files in their own ways.
Can you please let me know when use spring cloud config server and when to use consul?
Both serve configuration from remote servers to spring boot applications. Config Server aggregates configuration from multiple sources: git, svn, sql databases, vault and credhub. Spring Cloud Consul serves configuration to boot apps directly from the consul key-value store. If you already have consul in your infrastructure, it would simplify things by not having to run config server.

spring boot client app interaction with pcf config server backed by hashicorp vault?

I am working on spring boot app which will be deployed in pcf and it will use pcf config server service which is backed by hashicorp vault. What I would like to know is which dependencies I should be adding in my spring boot app other that spring-cloud-config-client. Do I need to add spring-cloud-vault, if yes then why does it need to be added if app only talks to config server? I would like to know how this end to end interaction works.

What is bootstrap yaml in spring boot

What is bootstrap yaml in spring boot?
And could you advise where I can use it?
bootstrap.yml is used in spring cloud
It is starting before application.yml
It is almost use with spring cloud config server
Spring cloud config server is server which is used to externilize your application configuration.
And when starting your application bootstrap.yml will take the configuration from spring cloud config server.
It also can use encrypting and decrypting some information by :
'{cipher}someyour encoded text'
and server will decode it while pulling the configurations
But you need to create jks
You can reach the documentation for more information about spring cloud :
https://spring.io/guides/gs/centralized-configuration/
Configuration files in spring boot will be loaded in such order:
1. src/main/resources/bootstrap.yml
2. src/main/resources/application.yml
3. config/application.yml

Resources