section

Master-Slave Replication

Master-Slave Replication Explained

Why We Use It

  • Vault (Master): Write operations, protected by password
  • Operational (Slave): Read operations, automatic sync from vault
  • Protection: If operational gets wiped, vault has master copy

How It Works

  1. Write data to vault: SET key value
  2. Vault automatically replicates to operational (master → slave)
  3. Read from operational: GET key
  4. Operational always has copy of vault data

Configuration Requirements

Same Docker Network

Both containers MUST be on nexus-network to communicate:

--network nexus-network

Replication Parameters

Operational needs these in REDIS_ARGS:

--replicaof nexus3-{env}-vault 6379  # Master container name
--masterauth PASSWORD  # Master password for auth

These MUST be in startup config to persist through restarts!

Verification

# Check operational status
redis-cli -p {OP_PORT} -a PASSWORD INFO replication

# Should show:
role:slave
master_link_status:up  # This means replication is working!

# Check vault status  
redis-cli -p {VAULT_PORT} -a PASSWORD INFO replication | grep connected_slaves

# Should show:
connected_slaves:1  # Vault knows operational is connected
ID: cb14d002
Path: Nexus 3.0 Hard Boot Recovery > Master-Slave Replication
Updated: 2026-01-13T10:04:14
🌳 View Tree