Monitoring all Vault nodes status in Raft

Hi,

We have a Vault cluster with the Raft storage backend running in AWS. Telemetry metrics are enabled and we can get metrics from the cluster. But we also need to monitor each Raft member's status, so we can make sure that all Raft members are healthy.

All the nodes run inside an AWS Auto Scaling group behind a network load balancer. Currently we monitor each node using its endpoint, for example:

But as you know, these IPs are not elastic (static) IPs, and in case of any changes the IP addresses will change. The vault.raft.peers metric only shows the number of peers in the Raft cluster configuration and doesn't show the actual active peer nodes.

So the question is: how can we monitor each node's status?

Br,
Meraj

This feels more like a general AWS question to me than a Vault question. I don’t know AWS so I can’t help there - so I’m just pointing out that you shouldn’t be looking for a Vault-specific solution.

But is there any Vault metric which provides raft member status?

Not to the level of detail you will get by monitoring each node directly.

Perhaps https://www.vaultproject.io/docs/internals/telemetry#integrated-storage-raft-autopilot will suffice if your use case is just basic alerting.

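As an added example (not code from any participant in this thread), the check below turns one autopilot state document into per-node and cluster alerts, so no per-node IP has to be tracked. It assumes the JSON comes from Vault's `sys/storage/raft/autopilot/state` endpoint and that the field names match those shown; the sample data, node names, addresses and the `raft_alerts` helper are constructed for illustration.

```python
import json

# Constructed sample shaped like the response of
# GET /v1/sys/storage/raft/autopilot/state (field names assumed).
SAMPLE_STATE = json.loads("""
{"data": {
  "healthy": false, "failure_tolerance": 0, "leader": "vault-a",
  "voters": ["vault-a", "vault-b", "vault-c"],
  "servers": {
    "vault-a": {"address": "10.0.1.10:8201", "node_status": "alive", "healthy": true, "status": "leader"},
    "vault-b": {"address": "10.0.2.11:8201", "node_status": "alive", "healthy": true, "status": "voter"},
    "vault-c": {"address": "10.0.3.12:8201", "node_status": "failed", "healthy": false, "status": "voter"}
  }
}}
""")


def raft_alerts(state, min_failure_tolerance=1):
    """Return a list of alert strings for a parsed autopilot state document."""
    data = state.get("data") or {}
    servers = data.get("servers") or {}
    alerts = []
    # Cluster-level view: overall health and how many nodes may still be lost.
    if not data.get("healthy", False):
        alerts.append("cluster: autopilot reports unhealthy")
    tolerance = data.get("failure_tolerance", 0)
    if tolerance < min_failure_tolerance:
        alerts.append(f"cluster: failure_tolerance={tolerance} below {min_failure_tolerance}")
    if data.get("leader") not in servers:
        alerts.append("cluster: no known leader")
    # Per-node view: keyed by node ID, so changing instance IPs do not matter.
    for node_id in sorted(servers):
        srv = servers[node_id]
        if not srv.get("healthy", False) or srv.get("node_status") != "alive":
            alerts.append(f"node {node_id} ({srv.get('address')}): "
                          f"node_status={srv.get('node_status')} healthy={srv.get('healthy')}")
    # A voter in the Raft configuration with no server entry is also suspect.
    for voter in data.get("voters") or []:
        if voter not in servers:
            alerts.append(f"node {voter}: listed as voter but missing from servers")
    return alerts


if __name__ == "__main__":
    for line in raft_alerts(SAMPLE_STATE):
        print(line)
```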