Both monitoring sites are now accessible via HTTPS ingress.
- URL: https://grafana.ry-ops.dev
- HTTP Redirect: http://grafana.ry-ops.dev (auto-redirects to HTTPS)
- Status: Fully operational
- Default behavior: Redirects to /login page
- URL: https://prometheus.ry-ops.dev
- HTTP Redirect: http://prometheus.ry-ops.dev (auto-redirects to HTTPS)
- Status: Fully operational
- Default behavior: Redirects to /query page
- Grafana Service: kube-prometheus-stack-grafana (port 80)
- Prometheus Service: kube-prometheus-stack-prometheus (port 9090)
- Namespace: monitoring
- Ingress Controller: Traefik
- Ingress Class: traefik
- TLS: Enabled (Traefik default certificates)
- Load Balancer: 10.88.145.200
/Users/ryandahlberg/Projects/cortex/k8s/monitoring/grafana-ingress.yaml/Users/ryandahlberg/Projects/cortex/k8s/monitoring/prometheus-ingress.yaml
For external access, ensure DNS records are configured:
grafana.ry-ops.dev A/CNAME → 10.88.145.200
prometheus.ry-ops.dev A/CNAME → 10.88.145.200
Test HTTP access:
curl -I http://grafana.ry-ops.dev
curl -I http://prometheus.ry-ops.devTest HTTPS access:
curl -Ik https://grafana.ry-ops.dev
curl -Ik https://prometheus.ry-ops.devCheck ingress status:
kubectl get ingress -n monitoring
kubectl describe ingress grafana -n monitoring
kubectl describe ingress prometheus -n monitoring- Let's Encrypt certificates (letsencrypt-prod ClusterIssuer) not configured
- Currently using Traefik default TLS certificates
- Certificate status shows "False" but HTTPS still works via Traefik defaults
- Configure Let's Encrypt ClusterIssuer for proper SSL certificates
- Add authentication/authorization if needed
- Consider adding rate limiting
- Set up monitoring alerts for ingress availability
Problem: Monitoring sites inaccessible Root Cause: Missing ingress resources (services had LoadBalancers but no ingress) Solution: Created ingress resources for both Grafana and Prometheus Result: Both sites now accessible via HTTPS at *.ry-ops.dev domains Time to Resolution: ~3 minutes
Created: 2025-12-26 Last Updated: 2025-12-26