vault   1904

« earlier    

Telemetry: add prometheus endpoint option · Issue #2937 · hashicorp/vault
You can use blackbox for that. So for example in the blackbox.yml you can have
vault_unseal: prober: http timeout: 5s http: valid_status_codes: [200,429] method: GET no_follow_redirects: true fail_if_ssl: false fail_if_not_ssl: false fail_if_matches_regexp: - 'sealed":true'

The valid status codes are 200 and 429, because the standby node replies with a 429 (which is expected) and the active node with a 200

The rule in alertmanager to trigger the alerts:
- alert: Vault_node_sealed expr: probe_success{job="vault_sealed"} != 1 for: 1m labels: severity: xxx annotations:xxx

You can also use statsd-exporter to gather more specific stats and better alerts with expressions like:
expr: sum(increase(vault_core_leadership_lost_count{job="example"}[1h])) > 5

Hope it helps.
vault  prometheus  alerting  snippets 
yesterday by bbrown
HashiCorp Vault 1.0
Migrator めっちゃ嬉しい。
5 days ago by summerwind
Announcing 1.0! This release is honestly amazing and one of the most ambitious undertakings. I'm…
Vault  from twitter_favs
9 days ago by
Running Vault and Consul on Kubernetes -
In the following tutorial we'll walk you through provisioning Hashicorp's Vault and Consul on Kubernetes.
vault  consul  kubernetes 
10 days ago by geetarista
OpenShift - integration with Vault
3-part series about Vault in OpenShift
Kubernetes  Vault 
12 days ago by ahus1
hashicorp/terraform-aws-vault: A Terraform Module for how to run Vault on AWS using Terraform and Packer
A Terraform Module for how to run Vault on AWS using Terraform and Packer - hashicorp/terraform-aws-vault
terraform  aws  vault 
17 days ago by geetarista

« earlier    

related tags

1.0  1password  3-piece  3d  a  alerting  and  ansible  api  architecture  article  asset  authentication  autodesk  aws  aws_security  bastion  building  ca  certificates  classics  cloud  cloudhsm  code  collaboration  compare  concrete  configuration  construction  consul  csr  data  design  devices  devops  digital  discussion  docker  dynamodb  ecs  electronics  encrypt  encryption  engine  engineering  etcd  event  example  fabbing  fabric  file  footpatrol  game  gamedev  gcp  gdc  github  gke  go  golang  google  guide  hardware  hashicorp  hoarding  howto  hsm  iam  important  infosec  jump  k8s  keys  keywhiz  knitted  kubernetes  launch  ldap  learnit  local  mac  magic  management  media  of  okta  operator  ops  password  passwords  pki  playbook  pocket  postgresql  presentation  printing  programming  prometheus  properties  provisioner  provisioning  rds  reference  research  script  secret_management  secrets  secure  security  server  setup  shell  shotcrete  snippets  software  spring  ssh  stackoverflow  storage  sync  talks  technology  terraform  textile  tls  tools  tutorals  tutorial  ui  usb  vagrant  vagrantfile  vans  vault-operator  video  wizards  youtube 

Copy this bookmark: