Recommended Infrastructure | Honeycomb

We use cookies or similar technologies to personalize your online experience & tailor marketing to you. Many of our product features require cookies to function properly.

Read our privacy policy I accept cookies from this site

Recommended Infrastructure

Secure Tenancy is planned to be End-of-Life at the end of 2022 in favor of built-in security enhancements. Existing customers using Secure Tenancy will continue to be supported on Honeycomb Classic until this time.

The following sections detail the recommended infrastructure components and their configurations for Secure Tenancy.

One or Two Load Balancers Configured to Serve Traffic Over HTTPS 

If you use one load balancer, Honeycomb will use it for both encrypting and decrypting data. You may use two load balancers to separate the encryption and decryption paths.

Configure the load balancer(s) with a signed certificate from a Certificate Authority, to serve as the entry point for encryption and decryption.

Configure these instances to allow incoming traffic from applications on the internal network(s) where they are running and so that end users can access the endpoint when tunneled in to the company VPN.

The domain name and SSL certificate should be publicly resolvable, but the endpoint can be on a non-publicly-routable IP accessible from within the VPN.

Your load balancers must support gRPC connections if you intend to use OpenTelemetry SDKs to instrument your applications.

Two Servers Provisioned to Run the Secure Proxy Itself 

The aforementioned load balancer will forward traffic to these. If possible, place the servers in separate availability zones.

  • Recommended minimum size: 1 Core, 4 GB RAM
  • Recommended OS: Debian or Ubuntu

One Database Server 

  • Supported databases are MySQL 5.7 or greater (we test on 8.0), or Postgres 13.0 or greater (we test on 14.0)
  • Recommended minimum size: 2 Cores, 4 GB RAM

The database should not be accessible by any programs other than the secure proxy.


Here is an example configuration using AWS technology:

Example Secure Tenancy deployment architecture in AWS

If you are planning to deploy using a higher level platform, such as OpenShift, Mesos, Kubernetes, and so on, please contact your Honeycomb representative to get additional, more specific guidance for your platform.

If you plan to use Kubernetes, the Helm guide details the recommended deployment options for Secure Tenancy infrastructure and Kubernetes.

Did you find what you were looking for?