Monitoring Kubernetes Workloads with Thanos and Prometheus Operator

Are your applications running on Kubernetes? Is it highly scalable and you are happy with the way it works? Wait a minute, How are you monitoring them? Ahh, Prometheus Right? Cool, Did you ever wonder how scalable and Highly available your Prometheus Cluster Is? Before that, here is a mail from your boss asking you to find out the number of http_requests that your website received last Xmas or Let's make this the Indian Style. Your boss wants to know the number of customers who had visited your website ( total number…

Monitoring Kubernetes Workloads with Thanos and Prometheus Operator

In Part I of this article we have understood the various components of Thanos and its use cases. In this Part II, we will configure Thanos with GCS ( Google Cloud Storage ) and understand how metrics can be retained for longer periods using Thanos. We will also configure Grafana to use the Thanos Query Frontend to visualize graphs from various clusters ( Thanos Queriers ).

Image Credits: Thanos website

What is the entire story all about? (TLDR)

  1. Install Thanos using the Bitnami Helm chart.
  2. Configure Thanos to use GCS as its Object store.


  1. A Kubernetes cluster ( Can be either On-Prem, AKS, EKS…

Security checks in Kubernetes Cluster Using Kube-bench and Kube-hunter

We are now living in the Kubernetes world. Wherever you go the only word that you hear is Kubernetes. Well, how far is this safe and reliable. Is the Kubernetes cluster production ready? Everyone merely cares about how to create the Kubernetes cluster and how to deploy the application to the Kubernetes cluster, Once the cluster and ready and once the application is deployed they move on. The main aspect that is missing here is Security. Does anyone still remember that securing the Kubernetes cluster is also a part of the…

Visualize network policies in Kubernetes using Cilium Editor

You might have a couple of microservices running on Kubernetes. Considering a simple architecture you might have a web server ( The frontend ) and a database server ( The backend ) and a couple of other microservices too ( Ex: A messaging queue like Kafka, RabbitMQ, etc ). You might want that the database server should only be accessible by Kafka, RabbitMQ Pods. The messaging broker pods ( i.e. Kafka ) should receive traffic only from the web-server pods. How is all of this achieved? How can we control the Ingress…

Autoscale your applications in Kubernetes using Vertical Pod Autoscaler ( VPA ) and Horizontal Pod Autoscaler ( HPA )

What is Autoscaling?

Autoscaling is a method that dynamically scales up / down the number of computing resources that are being allocated to your application based on its needs. For example, you might have a situation where the load on your website increases only at the end of every month. You might need additional web servers to handle the load at the end of every month. But what about the rest of the days, your servers sit idle and your monthly…

Run your GitHub actions on your own Kubernetes cluster

In my previous article on Creating a GKE cluster with GitHub actions, we have used GitHub actions to create a GKE cluster. We used the runners which are hosted on Github servers. In this case, we will not have access to the Infrastructure, and we are running our code on a GitHub hosted server. There might be few restrictions within your organization that the code that is running should be run in the infrastructure which is hosted by your organization and you want to run on an infra where you have…

RabbitMQ up and running on Kubernetes and test using a simple Golang application.

Well, the word RabbitMQ is quite heard across the DevOps Era. So before we proceed to understand what RabbitMQ is let us understand what a messaging broker is. A message broker is a software that enables applications, services to communicate with each other and exchange data. Some examples of these messaging broker software are

  1. Apache Kafka
  2. Amazon MQ
  3. Oracle Message Broker
  4. Apache Active MQ
  5. Rabbit MQ ( We will deep dive about Rabbit MQ in this article )

RabbitMQ is an open-source message-broker. It is the most…

How to create any resource on the cloud using Kubernetes manifests and Crossplane.

In the Kubernetes era, all of your application blueprints are packaged into a lot of Kubernetes manifests files or maybe also packages as charts using tools like helm. So how do you create any cloud resource on the cloud? You can maybe use

  1. An external terraform module to create the resource.
  2. Use a Kubernetes Job and create the resources using AWS SDK’s.
  3. Use a bash / Python script and internally call AWS CLI commands.

But how reliable is this? Unlike Kubernetes manifests in which the yaml file…

How to store your secrets in GitHub using Sealed Secrets and Kubeseal

Nowadays in the Kubernetes era, all of our manifests are stored in an SCM tool like GitHub, Gitlab, BitBucket, etc. But where are your Kubernetes secrets stored? Do you store them in any SCM tool? If yes, then you may probably want to delete them from SCM right away. Because Kubernetes secrets are base64 encoded. Anyone knowing this command base64 -d can easily decode your secrets. So where do you want to store your secrets now? May be store all the manifests in GitHub and store the secrets…

How to automatically create DNS records in Kubernetes using External DNS

Are you running your workloads in GKE / EKS / AKS? Do you use Services of type LoadBalancer? If yes then this is the right article for you. Let us suppose you have a web application running in your Kubernetes Cluster. You might have a public-facing load balancer so that your application is accessible to the entire world. Imagine you have a domain name called and you want to map that to your public-facing load balancer provisioned by Kubernetes. For this, you can either use a gcloud command…

Pavan Kumar

Cloud DevOps Engineer at Informatica || CKA | CSA | CRO | AWS | ISTIO | AZURE | GCP | DEVOPS Linkedin:

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store