cypher
/
betelgeusebytes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
betelgeusebytes/k8s/observability-stack/DNS-SETUP.md

147 lines
3.7 KiB
Markdown
Raw Permalink Blame History

# DNS Configuration Guide
## Required DNS Records
### Minimum Setup (Recommended)
Only **one** DNS record is required for basic operation:
```
grafana.betelgeusebytes.io A/CNAME <your-cluster-ip>
```
This gives you access to the complete observability stack through Grafana's unified interface.
## Optional DNS Records
If you want direct access to individual components, add these DNS records:
```
prometheus.betelgeusebytes.io A/CNAME <your-cluster-ip>
loki.betelgeusebytes.io A/CNAME <your-cluster-ip>
tempo.betelgeusebytes.io A/CNAME <your-cluster-ip>
```
Then deploy the optional ingresses:
```bash
kubectl apply -f 21-optional-ingresses.yaml
```
## DNS Record Types
**Option 1: A Record (Direct IP)**
```
Type: A
Name: grafana.betelgeusebytes.io
Value: 1.2.3.4 (your cluster's public IP)
TTL: 300
```
**Option 2: CNAME (Alias to another domain)**
```
Type: CNAME
Name: grafana.betelgeusebytes.io
Value: your-server.example.com
TTL: 300
```
## Access URLs Summary
### After DNS Setup
| Service | URL | Purpose | DNS Required? |
|---------|-----|---------|---------------|
| **Grafana** | https://grafana.betelgeusebytes.io | Main dashboard (logs/metrics/traces) | ✅ Yes |
| **Prometheus** | https://prometheus.betelgeusebytes.io | Metrics UI (optional) | ⚠️ Optional |
| **Loki** | https://loki.betelgeusebytes.io | Logs API (optional) | ⚠️ Optional |
| **Tempo** | https://tempo.betelgeusebytes.io | Traces API (optional) | ⚠️ Optional |
### Internal (No DNS Needed)
These services are accessible from within your cluster only:
```
# Metrics
http://prometheus.observability.svc.cluster.local:9090
# Logs
http://loki.observability.svc.cluster.local:3100
# Traces (OTLP endpoints for your apps)
http://tempo.observability.svc.cluster.local:4317 # gRPC
http://tempo.observability.svc.cluster.local:4318 # HTTP
# Grafana (internal)
http://grafana.observability.svc.cluster.local:3000
```
## Verification
After setting up DNS, verify it's working:
```bash
# Check DNS resolution
dig grafana.betelgeusebytes.io
nslookup grafana.betelgeusebytes.io
# Should return your cluster IP
# Test HTTPS access
curl -I https://grafana.betelgeusebytes.io
# Should return 200 OK or 302 redirect
```
## TLS Certificate
Let's Encrypt will automatically issue certificates for:
- grafana.betelgeusebytes.io (required)
- prometheus.betelgeusebytes.io (if optional ingress deployed)
- loki.betelgeusebytes.io (if optional ingress deployed)
- tempo.betelgeusebytes.io (if optional ingress deployed)
Check certificate status:
```bash
kubectl get certificate -n observability
kubectl describe certificate grafana-tls -n observability
```
## Recommendation
**For most users:** Just configure `grafana.betelgeusebytes.io`
Why?
- Single DNS record to manage
- Grafana provides unified access to all components
- Simpler certificate management
- All functionality available through one interface
**For advanced users:** Add optional DNS records if you need:
- Direct Prometheus UI access for debugging
- External log/trace ingestion
- API integrations
- Programmatic queries outside Grafana
## Troubleshooting
**DNS not resolving:**
- Check DNS propagation: https://dnschecker.org/
- Wait 5-15 minutes for DNS to propagate
- Verify your DNS provider settings
**Certificate not issued:**
```bash
# Check cert-manager
kubectl get pods -n cert-manager
# Check certificate request
kubectl describe certificate grafana-tls -n observability
# Check challenges
kubectl get challenges -n observability
```
**403/404 errors:**
- Verify ingress is created: `kubectl get ingress -n observability`
- Check NGINX ingress controller: `kubectl get pods -n ingress-nginx`
- Check ingress logs: `kubectl logs -n ingress-nginx <nginx-pod>`
Reference in New Issue View Git Blame Copy Permalink