Open nessa829 opened 7 months ago
For more information, thanos query's args:
args:
- query
- '--log.level=info'
- '--log.format=logfmt'
- '--grpc-address=0.0.0.0:10901'
- '--http-address=0.0.0.0:10902'
- '--query.replica-label=replica'
- >-
--endpoint=dnssrv+_grpc._tcp.thanos-query-xxxx-storegateway.monitoring.svc.cluster.local
- >-
--endpoint=dnssrv+_grpc._tcp.thanos-query-xxxx-ruler.monitoring.svc.cluster.local
- '--endpoint=prometheus-inhouse-kube-pr-thanos-discovery:10901'
- '--endpoint=dns+thanos-sc-alpha.alpha.example.in:443'
- '--grpc-client-server-name=thanos-sc-alpha.alpha.example.in'
I have tried grpc.server.tls.enable : true
or grpc.client.tls.enable : true
or both,
but nothing was successful...
Also, i have gone through similar issues, also nothing was successful ;( (i.e. --grpc-client-tls-secure
)
Hello @nessa829 were you able to fix that ?
@KM3dd Hi, i changed it to create nlb instead (service type: loadbalancer) of ALB, and it worked.
@nessa829 thank you for your response, that's what I am rying to do but I am new to that so I got stuck, meaning you kept using nginx but service type is loadbalancer or you exposed the service directly and used the external address ip ? thank you again
@KM3dd I disabled thanosIngress
and enabled thanosServiceExternal
instead
thanosServiceExternal:
annotations:
service.beta.kubernetes.io/aws-load-balancer-name: "thanos-sc-lb"
service.beta.kubernetes.io/aws-load-balancer-scheme: "internal"
service.beta.kubernetes.io/aws-load-balancer-type: "external"
service.beta.kubernetes.io/aws-load-balancer-nlb-target-type: "ip"
service.beta.kubernetes.io/aws-load-balancer-subnets: {{prometheus.subnet}}
@nessa829 thank you very much for your help
@nessa829 would you mind to write a brief description on how you solved the issue?
Thanos, Prometheus and Golang version used: docker.io/bitnami/thanos:0.31.0-scratch-r8
Object Storage Provider: Amazon s3
What happened: I am trying to add an thanos sidecar from another eks cluster(Cluster B) to the thanos query store(Cluster A).
in Cluster A, I used the helm chart (kube-prometheus-stack:47.3.0), and expose the thanos sidecar with alb lb controller ingress.
After the installtion, i was able to access the grpc with grpcurl.
However, my thanos-query in Cluster B cannot discover the sidecar.
FYI, the alb security group is open to thanos query, as welll as my local laptop.
What you expected to happen: Thanos query should be able to discover external sidecar, which is exposed by aws ALB grpc.
How to reproduce it (as minimally and precisely as possible):
as above.
Full logs to relevant components: as above.
Anything else we need to know: