Hello,
I have been trying to configure the telemetry of our Vault cluster in a Kubernetes setup and I am trying to pull values from the Environment variables of the Pod.
Is it possible to pull data from the Pod’s env variables and place it in “dogstatsd_tags”? If it is not possible, is there any workaround to achieve this in “vault-helm” ?
I am using the “dogstatsd” metric format.
values.yaml
global:
enabled: true
injector:
enabled: false
server:
enabled: true
extraSecretEnvironmentVars:
- envName: AWS_ACCESS_KEY_ID
secretName: eks-creds
secretKey: AWS_ACCESS_KEY_ID
- envName: AWS_SECRET_ACCESS_KEY
secretName: eks-creds
secretKey: AWS_SECRET_ACCESS_KEY
# Port on which Vault server is listening
port: 8200
# Target port to which the service should be mapped to
targetPort: 8200
image:
repository: "hashicorp/vault"
tag: "1.7.4"
ha:
enabled: true
replicas: 2
config: |
ui = true
listener "tcp" {
tls_disable = 1
address = "[::]:8200"
cluster_address = "[::]:8201"
}
seal "awskms" {
region = "us-east-1"
kms_key_id = "c36cd5f8-20cf-479c-8391-*******"
}
storage "s3" {
bucket = "test-svault"
region = "us-east-1"
max_parallel = "512"
}
ha_storage "dynamodb" {
ha_enabled = "true"
region = "us-east-1"
table = "vault-test"
max_parallel = "25"
read_capacity = "5"
write_capacity = "5"
}
telemetry {
dogstatsd_addr = "test-telegraf.monitoring.svc.cluster.local:8125"
dogstatsd_tags = [
"env:apse1d",
"service:eks-poc",
"region:us-east-1",
"role:vault",
"k8s_namespace:${env(VAULT_K8S_NAMESPACE)}"
]
disable_hostname = true
unauthenticated_metrics_access = true
}
ui:
enabled: true
serviceType: "LoadBalancer"
serviceNodePort: null
externalPort: 8200