How to create ServiceMonitor to enable Vault Server Metrics?

I am trying to deploy vault from GitHub - hashicorp/vault-helm: Helm chart to install Vault and other associated components. , but values.yaml does not have servicemonitor.

I can see that there is steps to enbale telemetry in the config file, still there is not steps for serviceMonitor object creation in k8s.

It’s up to you to choose and implement whatever monitoring solution you want. If that happens to be prometheus-operator, you’ll need to add a ServiceMonitor yourself.

Yup, I wanted to use ServiceMonitor. But it would have been better if there was a guide or tutotial like all other topics.

Will try to figure it out then.

Just to make sure you’re not confusing yourself. There are different points that you can monitor for different purposes. Liveliness for example is a pod monitor that tells the kub service when a pod is bad and needs to be acted upon.

If you’re looking at the application level and monitoring Vault, Splunk, Datadog are good for cloud solutions. Elastic stack and/or Prometheus are good for local.

[ Before someone nitpicks – both sets of solutions are available as local and as SaaS options, I’m just going with the traditional use case ]

Actually we care about latency and we use Prometheus. All what was confusing me, how to make it work with authenticated token for prometheus sa, when it scrap the metrics for now I decided to allow unauthenticated access as there is no clear steps I can follow for my servicemonitor setup :slight_smile:

I configured a service monitor once, I found this in my records, don’t remember all details, though.

kind: ServiceMonitor
  name: vault-servicemonitor
    release: prometheus
    matchLabels: vault
    - interval: 30s
      path: /v1/sys/metrics
          - prometheus
      port: http
        insecureSkipVerify: true
        name: vault-monitor-token
        key: token

Thanks for your kind help.