K8S - using Prometheus to monitor another prometheus instance in secure way
- You should consider using Additional Scrape Configuration
AdditionalScrapeConfigs
allows specifying a key of a Secret containing additional Prometheus scrape configurations. Scrape configurations specified are appended to the configurations generated by the Prometheus Operator.
I am affraid this is not officially supported. However, you can update your
prometheus.yml
section within the Helm chart. If you want to learn more about it, check out this blogI see two options here:
Connections to Prometheus and its exporters are not encrypted and authenticated by default. This is one way of fixing that with TLS certificates and stunnel.
Or specify Secrets which you can add to your scrape configuration.
Please let me know if that helped.