|
|
Subscribe / Log in / New account

Monitoring with Prometheus 2.0

Monitoring with Prometheus 2.0

Posted Jan 18, 2018 10:51 UTC (Thu) by nim-nim (subscriber, #34454)
Parent article: Monitoring with Prometheus 2.0

If you're monitoring over untrusted networks, it's much better to add a trusted apache (or whatever) layer to perform public auth and crypto over a loopback http service such as prometheus, rather than trust every component to talk https and get the crypto aspects right

Sure it's a bit longer to setup, than if it was built-in, to do you trust someone to actually audit all the built-in https stacks out there? Especially given how fast https security moves nowadays?

to post comments

Monitoring with Prometheus 2.0

Posted Jan 18, 2018 17:07 UTC (Thu) by fwiesweg (guest, #116364) [Link]

We found this to be a valid argument, too. Our applications are running behind an nginx reverse proxy anyway so setting up forwarding the exporters via https (with client authentication for the scraper, too) was a straightforward and simple step.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds