Prometheus deployment with firewall controlled subnets

[Sakthi raam]

Hi All,

I'm new to prometheus and exploring it. Need inputs on how to deploy Prometheus when we have different IP sub-nets (DMZ, App, Internal) and each subnets has to go via firewall. Since the node exporter is exposed through HTTP if i deploy Prometheus server in internal subnet i need to open firewall for all the server in DMZ's and APP to access the node exporter port. Do we have a way to avoid this like deploying Prometheus in each subnets and consolidating the data to one.

https://www.robustperception.io/scaling-and-federating-prometheus/

Can we follow the below documentation for our requirement or any suggestion will help me 

Thanks in Advance

Regards

Sakthi

[Ben Kochie]

Running Prometheus inside each isolated network is the recommended method. This way you're not monitoring the network via proxy.

Federation is not a replication method, it's designed for creating a tree hierarchy of summary data.

Tools like Grafana can be configured to connect to multiple Prometheus servers, providing a single dashboard view.

For larger scale, you may want to look into Cortex or Thanos as "single pane" aggregators. These come with added complexity.

--
You received this message because you are subscribed to the Google Groups "Prometheus Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to prometheus-use...@googlegroups.com.
To post to this group, send email to promethe...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/c7d3f0d5-113a-4e7d-939d-6b771a49b7a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.