Network firewall requirements for monitoring Kubernetes cluster
Article
The following table lists the proxy and firewall configuration information required for the containerized agent to communicate with Managed Prometheus and Container insights. All network traffic from the agent is outbound to Azure Monitor.
Azure public cloud
Endpoint
Purpose
Port
*.ods.opinsights.azure.com
443
*.oms.opinsights.azure.com
443
dc.services.visualstudio.com
443
*.monitoring.azure.com
443
login.microsoftonline.com
443
global.handler.control.monitor.azure.com
Access control service
443
<cluster-region-name>.ingest.monitor.azure.com
Azure monitor managed service for Prometheus - metrics ingestion endpoint (DCE)
If you experience issues while you attempt to onboard the solution, review the Troubleshooting guide.
With monitoring enabled to collect health and resource utilization of your AKS cluster and workloads running on them, learn how to use Container insights.