This message was deleted SigNoz Community #general

Join Slack

This message was deleted.

# general

Slackbot

07/28/2022, 3:35 PM

This message was deleted.

Pranay

07/28/2022, 4:31 PM

@Prashant Shahi may have more insights on this

Benedikt

08/03/2022, 8:44 AM

@Prashant Shahi do you have any ideas regarding this?

Prashant Shahi

08/03/2022, 6:44 PM

Hey @Benedikt 👋 It is out of scope of SigNoz. However, you should be able to follow the guide below: https://medium.com/flant-com/cert-manager-lets-encrypt-ssl-certs-for-kubernetes-7642e463bbce

Benedikt

08/04/2022, 7:38 AM

I could solve the problem on my own by creating a second Service/NodePort:

Copy code

---
apiVersion: v1
kind: Service
metadata:
  labels:
    <http://app.kubernetes.io/component|app.kubernetes.io/component>: frontend
    <http://app.kubernetes.io/instance|app.kubernetes.io/instance>: signoz-telemetry
    <http://app.kubernetes.io/name|app.kubernetes.io/name>: signoz
  name: signoz-telemetry-frontend-public
spec:
  type: NodePort
  selector:
    <http://app.kubernetes.io/component|app.kubernetes.io/component>: frontend
    <http://app.kubernetes.io/instance|app.kubernetes.io/instance>: signoz-telemetry
    <http://app.kubernetes.io/name|app.kubernetes.io/name>: signoz
  ports:
    - name: client
      protocol: TCP
      port: 80
      targetPort: 3301

Benedikt

08/04/2022, 7:38 AM

I was able to attach this to the AWS Ingress and publish it

Benedikt

08/04/2022, 7:40 AM

My ingress:

Benedikt

08/04/2022, 7:41 AM

Copy code

---
apiVersion: <http://networking.k8s.io/v1|networking.k8s.io/v1>
kind: Ingress
metadata:
  name: staging-ingress-monitoring
  namespace: default
  annotations:
    <http://alb.ingress.kubernetes.io/certificate-arn|alb.ingress.kubernetes.io/certificate-arn>: arn:aws:acm:*****************************
    <http://alb.ingress.kubernetes.io/listen-ports|alb.ingress.kubernetes.io/listen-ports>: '[{"HTTP": 80}, {"HTTPS":443}]'
    <http://alb.ingress.kubernetes.io/ssl-redirect|alb.ingress.kubernetes.io/ssl-redirect>: '443'
    <http://alb.ingress.kubernetes.io/scheme|alb.ingress.kubernetes.io/scheme>: internet-facing
    <http://alb.ingress.kubernetes.io/subnets|alb.ingress.kubernetes.io/subnets>: subnet-***, subnet-***
spec:
  ingressClassName: alb
  rules:
    - host: dev-monitoring.*******.**
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: signoz-telemetry-frontend-public
                port:
                  number: 80

Benedikt

08/04/2022, 7:41 AM

Attaching directly internally to port 3301 was not woring for me

Prashant Shahi

08/04/2022, 7:44 AM

it wouldn't require another service, you can use frontend service and ingress alongside Ingress-Nginx Controller.

Prashant Shahi

08/04/2022, 7:45 AM

I see you are using ALB instead. Did you check out the guide below? https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html

Benedikt

08/04/2022, 7:47 AM

I will take a look, but it is already working 😉

Benedikt

08/04/2022, 7:48 AM

(As I've written above, just wanted to share my solution for the problem)

Prashant Shahi

08/04/2022, 7:49 AM

yup.. familiar with old wisdom "if it works, do not touch it" 😛

Prashant Shahi

08/04/2022, 7:49 AM

(As I've written above, just wanted to share my solution for the problem)

Yeah, really appreciate you sharing it.

Prashant Shahi

08/04/2022, 7:50 AM

do have a look at the following example: https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.2/docs/examples/2048/2048_full.yaml

Prashant Shahi

08/04/2022, 7:50 AM

you could include those similar annotation and class name in Frontend Ingress

Benedikt

08/04/2022, 7:52 AM

Good point, I will check that. Are there any advantages in that solution?

Prashant Shahi

08/04/2022, 7:53 AM

you wouldn't have another service in between so yeah, one less hop.

Benedikt

08/04/2022, 8:02 AM

As far as I understood, my service is not communicating to the signoz service, rather has its on node selector. So shouldn't it be the same?

Benedikt

08/04/2022, 8:02 AM

The selector is picking the pods as target

Prashant Shahi

08/04/2022, 8:02 AM

you are right.. It is using the selector.

Benedikt

08/04/2022, 8:02 AM

Because I've copied some parts of the original svc

Prashant Shahi

08/04/2022, 8:03 AM

now, only advantage would be single service and ingress for frontend as provided from Helm chart.

Benedikt

08/04/2022, 9:29 AM

Yes, that is true. I've not that much experiance with helm and don't know what happens if I change the original service

Prashant Shahi

08/04/2022, 9:37 AM

no worries.. you can keep using the way you are. Or, you can refer to the following equivalent:

Copy code

clickhouse:
  cloud: aws
  installCustomStorageClass: true
  persistence:
    storageClass: gp2-resizable

frontend:
  service:
    type: NodePort
  ingress:
    enabled: true
    classname: alb
    hosts:
      - host: dev-monitoring.*******.**
        paths:
          - path: /
            pathType: ImplementationSpecific
    # tls:
    #   - secretName: dev-monitoring.*******.**
    #     hosts:
    #       - dev-monitoring.*******.**
    annotations:
      <http://alb.ingress.kubernetes.io/certificate-arn|alb.ingress.kubernetes.io/certificate-arn>: arn:aws:acm:*****************************
      <http://alb.ingress.kubernetes.io/listen-ports|alb.ingress.kubernetes.io/listen-ports>: '[{"HTTP": 80}, {"HTTPS":443}]'
      <http://alb.ingress.kubernetes.io/ssl-redirect|alb.ingress.kubernetes.io/ssl-redirect>: '443'
      <http://alb.ingress.kubernetes.io/scheme|alb.ingress.kubernetes.io/scheme>: internet-facing
      <http://alb.ingress.kubernetes.io/subnets|alb.ingress.kubernetes.io/subnets>: subnet-***, subnet-***

6 Views

Open in Slack

Previous Next