VPC Communication and Services
Configure your network to communicate with Validio platform.
To be able to send notifications, error information or metrics you need to make sure your network is configured for this. This can be done either directly to the service or through an HTTP proxy.
HTTP Proxy
Validio supports using HTTP proxy for outbound communication for Slack, MS Teams, Sentry and OpenTelemetry Collector. The URLs for both http_proxy and https_proxy can be the same, it's internally in the application that they are used for http respectively https URLs.
Self-signed Certificate for HTTP Proxy
If you need to add a self signed CA certificate to the trust store for HTTP proxy, you can do that using helm values. The content can be one more more CA certficates in PEM format.
Here is an example:
ve:
diver:
certificate:
enabled: true
content: |
-----BEGIN CERTIFICATE-----
MIIF7zCCA9egAwIBAgIUHTNXv08AHjKzxJHm8TwgkeYysnswDQYJKoZIhvcNAQEL
BQAwgYYxCzAJBgNVBAYTAlhYMRIwEAYDVQQIDAlTdGF0ZU5hbWUxETAPBgNVBAcM
CENpdHlOYW1lMRQwEgYDVQQKDAtDb21wYW55TmFtZTEbMBkGA1UECwwSQ29tcGFu
...
Wo7+WuQherTT/VjlyrzYAZMkyhDmXGtJsIH4O5RVfj3t0DyGEmbV+I0zC/ljAVVi
01FJf058xlPH8mE/Wc9c0ijvuvdELfXjgXY/wWmzIW0xZs8HeysXNzg42QJ3zc08
Qgx6Flg6JNnP3xiiEjylUV+RPP7KF5eqkwU1SMyvQO2a1rk=
-----END CERTIFICATE-----Slack
Use the following configuration to enable HTTP proxy for Slack
ve:
diver:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080The following destination will be used by Validio to send notifications to Slack, so make sure it's whitelisted in your network or in your HTTP proxy
hooks.slack.com
slack.comMS Teams
Use the following configuration to enable HTTP proxy for MS Teams
ve:
diver:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080The following destination will be used by Validio to send notifications to MS Teams, make sure they are whitelisted in your network or in your HTTP proxy
*.outlook.office.com
login.botframework.com
login.microsoftonline.com
smba.trafficmanager.netSentry
Use the following configuration to enable HTTP proxy for Sentry
seastar:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080
surface:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080Make sure the following destinations are whitelisted in your network or HTTP proxy
sentry.io
o4506020911316992.ingest.sentry.ioOpenTelemetry Collector
To enable the OpenTelemetry collector you need to add a Kubernetes secret provided by Validio, it is the same secret used for pulling the container images.
First, set the VALIDIO_SECRET environment variable to point to your JSON file:
export VALIDIO_SECRET=/home/user/Downloads/validio-secret.jsonThen, add the Kubernetes Secret:
kubectl -n validio create secret generic google-credentials --from-file=key.json="${VALIDIO_SECRET}"Once the secret is created you can enable the OpenTelemetry Collector
The
otel-collector.config.customerkey needs to be configured with a value that Validio will provide.
otel-collector:
config:
customer: <value-provided-by-Validio>
tags:
metrcis: trueIf you require an HTTP proxy, here is how to configure that for OpenTelemetry Collector
otel-collector:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080Make sure the following destinations are whitelisted in your network or HTTP proxy
oauth2.googleapis.com
monitoring.googleapis.comPosthog
Use the following configuration to enable HTTP proxy for Posthog:
surface:
env:
http_proxy: http://proxy.example.com:8080
https_proxy: http://proxy.example.com:8080Make sure the following destinations are whitelisted in your network or HTTP proxy:
ph.validio.ioUpdated 6 days ago