I am trying to enable Prometheus metrics from a Vault cluster hosted in Kubernetes installed via the Helm chart. I added this to my Vault configuration:
telemetry {
disable_hostname = true
prometheus_retention_time = "12h"
}
I also created a policy
path "/sys/metrics*" {
capabilities = ["read"]
}
It creates the policy but is probably moot since I’m using the root token for now. Anyways, when I do a read
operation on the /sys/metrics` path it returns nothing.
(⎈ |supervisor:vault)~ % vault read /sys/metrics
(⎈ |supervisor:vault)~ %
Can you offer any guidance on why this is empty? Note, I restarted one of the pods just to make sure.