{{message-error errors=errors}}
{{#if initialReplicationMode}}
{{#if (eq initialReplicationMode 'dr')}}
{{i-con class="has-text-grey is-medium" glyph="replication" size=24}}
Disaster Recovery (DR) Replication
DR is designed to protect against catastrophic failure of entire clusters. Secondaries do not forward service requests (until they are elected and become a new primary).
{{else if (eq initialReplicationMode 'performance')}}
{{i-con class="has-text-grey is-medium" glyph="perf-replication" size=20}}
Performance Replication
{{#if (not version.hasPerfReplication)}}
Performance Replication is a feature of {{#upgrade-link pageName="Performance Replication"}}Vault Enterprise Premium{{/upgrade-link}}
{{else}}
Performance replication scales workloads horizontally across clusters to make requests faster. Local secondaries handle read requests but forward writes to the primary to be handled.
{{/if}}
{{/if}}
{{else}}
In both Performance and Disaster Recovery (DR) Replication, secondaries share the underlying configuration, policies, and supporting secrets as their primary cluster.
{{/if}}
{{#if (eq mode 'secondary')}}
Caution: this will immediately clear all data in this cluster!
{{/if}}
{{#if (eq mode 'primary')}}
{{#if cluster.canEnablePrimary}}
{{input class="input" id="primary_cluster_addr" name="primary_cluster_addr" value=primary_cluster_addr}}
Overrides the cluster address that the primary gives to secondary nodes.
{{else}}
The token you are using is not authorized to enable primary replication.
{{/if}}
{{else}}
{{#if cluster.canEnableSecondary}}
{{#if (and
(eq replicationMode 'dr')
(not cluster.performance.replicationDisabled)
version.hasPerfReplication
)
}}
{{toggle-button
toggleTarget=this
toggleAttr='showExplanation'
openLabel="Disable Performance Replication in order to enable this cluster as a DR secondary."
closedLabel="Disable Performance Replication in order to enable this cluster as a DR secondary."
class="has-text-danger"
}}
{{#if showExplanation}}
When running as a DR secondary Vault is read only.
For this reason, we don't allow other replication modes to operate at the same time. This cluster is also
currently operating as a Performance {{capitalize cluster.performance.modeForUrl}}.
{{/if}}
{{else}}
{{textarea value=token id="secondary-token" name="secondary-token" class="textarea"}}
{{input value=primary_api_addr id="primary_api_addr" name="primary_api_addr" class="input"}}
{{#if (and token (not tokenIncludesAPIAddr))}}
The supplied token does not contain an embedded address for the primary cluster. Please enter the primary cluster's API address (normal Vault address).
{{else}}
Set this to the API address (normal Vault address) to override the
value embedded in the token.
{{/if}}
{{input value=ca_file id="ca_file" name="ca_file" class="input"}}
Specifies the path to a CA root file (PEM format) that the secondary can use when unwrapping the token from the primary.
{{input value=ca_path id="ca_path" name="ca_file" class="input"}}
Specifies the path to a CA root directory containing PEM-format files that the secondary can use when unwrapping the token from the primary.
Note: If both CA file and CA path are not given, they default to system CA roots.
{{/if}}
{{else}}
The token you are using is not authorized to enable secondary replication.
{{/if}}
{{/if}}
{{#if (or (and (eq mode 'primary') cluster.canEnablePrimary) (and (eq mode 'secondary') cluster.canEnableSecondary))}}