Skip to Main Content
Cloud Management and AIOps


This is an IBM Automation portal for Cloud Management, Technology Cost Management, Network Automation and AIOps products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Under review
Workspace Instana
Categories Agent
Created by Guest
Created on Mar 7, 2024

Use service name instead of host IP to reach instana agent from monitored applications in K8s

Dear colleagues

Tanzu k8s cluster have strict security rules that block communication between podNetwork and hostNetwork IP addresses. The effect of it is inability or significant reduce in flexibility to trace applications like JVM based. Solution would be to use k8s service to address instana agent instead of node IP. We do not have any "second hop" issue here because in the "instana-agent" service has “internalTrafficPolicy: Local” already and all pods reach the agent on the same node. We tested it by running agents in podNetwork, all communications head to the agent pod on the same node. Only issues we noticed are Instana backend pods (including beeinstana) which look for agent on hostIP in the case we need to change that too.

Please consider changing default behaviour from using hostIP to K8s service to access instana agent.

Thank you

Idea priority Urgent
  • Guest
    Reply
    |
    May 17, 2024

    We had to use the approach with another customer who uses Istio service mesh on the application cluster. Agent was not able to reach Internet from node network. We had to configure pod network, labeled daemonset to add isto sidecar container into agent's pod and added environment variable INSTANA_AGENT_HOST=instana-agent.instana-agent.svc to every instrumented application pod.