tobs
tobs copied to clipboard
timescale
tobs - The Observability Stack for Kubernetes. Easy install of a full observability stack into a k8s cluster with Helm charts.
I consider this a bug which does not work well when installing via helm with `--generate-name` flag.
**What is missing?** Right now majority of pods are running with default SecurityContext. We should change it to force containers to run confined and use linux hardening capabilities (AppArmor, SELinux,...
**What is missing?** We are not testing TimescaleCloud integration in tests. **Why do we need it?** To catch potential issues with that integration. **Anything else we need to know?**:
**What is missing?** There is no way to modify current settings applied in [Instrumentation CR](https://github.com/timescale/tobs/blob/master/chart/templates/otel-auto-instrumentation.yaml) **Why do we need it?** To allow parametrization. **Anything else we need to know?**:
**What is missing?** Tobs is not setting up ServiceMonitor for grafana and thus prometheus is not collecting metrics from grafana instance. **Why do we need it?** To increase observability of...
**What is missing?** When pushing traces to otel-collector via GRPC on port 4317, they don't appear in promscale. **Why do we need it?** To allow traces ingest. **Anything else we...
**What happened?** Pods which are not contacting kubernetes API have SA token mounted which is a security threat. We should consider implementing [mechanisms from kube-prometheus project](https://github.com/prometheus-operator/kube-prometheus/issues/1589) and prevent mounting SA...
ServiceAccount objects listed below have too broad access and are able to modify `coredns` ConfigMap. As such this can result in CoreDNS poisoning attack. We should disallow those SAs to...
**What is missing?** Tobs is currently not shipping NetworkPolicy objects. Although we cannot create all such objects, we can do so for communication internal to the stack (similarily how it...
I was uninstalling using Helm and reinstalling and got the following error. I am using the timescale/tobs (version 0.7.0) Error: rendered manifests contain a resource that already exists. Unable to...
