Recommended Infrastructure | Honeycomb

We use cookies or similar technologies to personalize your online experience & tailor marketing to you. Many of our product features require cookies to function properly.

Read our privacy policy I accept cookies from this site

Recommended Infrastructure

This feature is available as part of the Honeycomb Enterprise plan.

The following sections detail the recommended infrastructure components and their configurations for Secure Tenancy.

One or Two Load Balancers Configured to Serve Traffic Over HTTPS  🔗

If you use one load balancer, Honeycomb will use it for both encrypting and decrypting data. You may use two load balancers to separate the encryption and decryption paths.

Configure the load balancer(s) with a signed certificate from a Certificate Authority, to serve as the entry point for encryption and decryption.

Configure these instances to allow incoming traffic from applications on the internal network(s) where they are running and so that end users can access the endpoint when tunneled in to the company VPN.

The domain name and SSL certificate should be publicly resolvable, but the endpoint can be on a non-publicly-routable IP accessible from within the VPN.

Your load balancers must support gRPC connections if you intend to use OpenTelemetry SDKs to instrument your applications.

Two Servers Provisioned to Run the Secure Proxy Itself  🔗

The aforementioned load balancer will forward traffic to these. If possible, place the servers in separate availability zones.

  • Recommended minimum size: 1 Core, 4 GB RAM
  • Recommended OS: Debian or Ubuntu

One Database Server  🔗

  • Running MySQL 5.7 or greater (we test on 5.7 and 8)
  • Recommended minimum size: 2 Cores, 4 GB RAM

The MySQL database should not be accessible by any programs other than the secure proxy.

Example  🔗

Here is an example configuration using AWS technology:

Example Secure Tenancy deployment architecture in AWS

If you’re planning to deploy using a higher level platform, such as OpenShift, Mesos, Kubernetes, and so on, please contact your Honeycomb representative to get additional, more specific guidance for your platform.

If you plan to use Kubernetes, the Helm guide details the recommended deployment options for Secure Tenancy infrastructure and Kubernetes.