K8S - using Prometheus to monitor another prometheus instance in secure way K8S - using Prometheus to monitor another prometheus instance in secure way kubernetes kubernetes

K8S - using Prometheus to monitor another prometheus instance in secure way


security kubernetes prometheus istio prometheus-operator

  1. You should consider using Additional Scrape Configuration

AdditionalScrapeConfigs allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator.

  1. I am affraid this is not officially supported. However, you can update your prometheus.yml section within the Helm chart. If you want to learn more about it, check out this blog

  2. I see two options here:

Connections to Prometheus and its exporters are not encrypted and authenticated by default. This is one way of fixing that with TLS certificates and stunnel.

Or specify Secrets which you can add to your scrape configuration.

Please let me know if that helped.

security kubernetes prometheus istio prometheus-operator

A couple of options spring to mind:

  1. Put the two clusters in the same network space and put a firewall in-front of them
  2. VPN tunnel between the clusters.
  3. Use istio multicluster routing (but this could get complicated): https://istio.io/docs/setup/install/multicluster

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last