values.yaml updated to include explicit cluster_name #889
Conversation
Setting an explicit cluster_name as part of the cluster roll-out / configuration is required without which a undesirable behavior arises where the reported Prometheus label does not correctly contain the cluster name - eg (at present):
vault_core_replication_dr_primary{cluster="",host="vault-2"} 0
| # Set cluster name instead of having it auto-generated. | ||
| # examples may include: "vault1-gke-uswest", "vault2-eks-useast", etc. | ||
| cluster_name: "" |
There was a problem hiding this comment.
This is a Vault specific parameter and should not be at the root level but instead should be in server.ha (it's only used for HA).
There was a problem hiding this comment.
I can move this to server.ha section on subsequent commit.
| @@ -834,6 +838,7 @@ server: | |||
| # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations | |||
| config: | | |||
| ui = true | |||
| cluster_name = {{ .Values.cluster_name | default (printf "%s-k8s" (include "vault.name" .)) | quote }} | |||
There was a problem hiding this comment.
Does this actually work? I've never seen the templates used outside of the K8s yaml helm is generating.
There was a problem hiding this comment.
Yes it works - I've tested it (with both explicit value set & nothing set) before making PR
There was a problem hiding this comment.
Example as per current helm documentation.
https://helm.sh/docs/chart_template_guide/functions_and_pipelines/#using-the-default-function
| @@ -834,6 +838,7 @@ server: | |||
| # https://www.vaultproject.io/docs/platform/k8s/helm/run#protecting-sensitive-vault-configurations | |||
| config: | | |||
| ui = true | |||
| cluster_name = {{ .Values.cluster_name | default (printf "%s-k8s" (include "vault.name" .)) | quote }} | |||
There was a problem hiding this comment.
You can't set a default here because if someone has already deployed Vault and it has a generated cluster name, this is going to introduce a new set of metrics.
| cluster_name = {{ .Values.cluster_name | default (printf "%s-k8s" (include "vault.name" .)) | quote }} | |
| cluster_name = {{ .Values.cluster_name | default (printf "%s-k8s" (include "vault.name" .)) | quote }} |
There was a problem hiding this comment.
vault.name is just vault right? - so if nothing is set it will always result in the same value no?
If users change it then it may result in what you're describing.
There was a problem hiding this comment.
I'm referencing Vault's code that generates the cluster name if it's not set in the config. It generates a cluster name that looks something like this: vault-cluster-b0435276. If you now start setting it in the config with a default anyone who was collecting metrics using the Vault generated name will now have a new set metrics.
There was a problem hiding this comment.
If you're referring to existing customers (with an existing deployment that has an auto-generated name) that may update their helm chart - in that case they would need to explicit set the cluster_name in values.yaml (may need another call out on the main helm page). I am not aware of any other way of importing that.
There was a problem hiding this comment.
We can't, so we should not have a default here, because they're going to need to explicitly set it.
There was a problem hiding this comment.
I added defaults in case for new deployment no value is set. I'm open to any proposal that you may be kind enough to commit.
Setting an explicit (HCL)
cluster_nameas part of the cluster roll-out / configuration is required without which an undesirable behavior arises where the reported Prometheus label does not correctly contain the cluster name - eg (at present):