cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Kubernetes Monitoring || Firewall requirement

Hi All,

 

May I request which firewall ports need to take for enabling Kubernetes monitoring in Dynatrace Managed?

 

We have three master nodes and 20 worker nodes, and also we have a few DB worker nodes.

Source, destination, and port?

 

And if we want to enable only infra-level monitoring for DB worker nodes, Do we have other option?

 

Regards,

Venkat

4 REPLIES 4

Mizső
DynaMight Guru
DynaMight Guru

Hi VenkataSainat,

 

Maybe I wrong and other communinty member correct me but it depends on the instumnetation type. I have expereince with calssicfullstack becasue I always use this instrumentation type. I think in this case port 443 would be enough between Kubernetes range and DT managed (hosts or range). In classicfullstack instrumentation you can deploy a containered activegate. This AG should communicate with the DT managed servers (not the individual host agents with DT managed servers).

 

I hope it helps.

 

Br, Mizső

 

Dynatrace Community RockStar 2024, Certified Dynatrace Professional

hi Mizső,

hope you are doing well.

in your experience, do the both master node and work node need to setup the firewall on 443 port, or just config the master node is fine?

Regards,

Marcos

Mizső
DynaMight Guru
DynaMight Guru

Hi @MarcosZ,

I think open fw for worker nodes are enough. Restric the active gate to the worker nodes, in this case containerized AG can connect to managed nodes and connect the cluster api interface.

nodeSelector:
      "node-role.kubernetes.io/worker": ""
 
I hope it helps.
Best regards,
Mizső
Dynatrace Community RockStar 2024, Certified Dynatrace Professional

thank you for the information, im appreciated.

Featured Posts