• /
  • Log in

Auto-telemetry with Pixie data and security

Auto-telemetry with Pixie is New Relic One's integration of Community Cloud for Pixie, a managed version of Pixie open source software. Auto-telemetry with Pixie therefore benefits from Pixie's approach to keeping data secure. The data that Pixie collects is stored entirely within your Kubernetes cluster. This data does not persist outside of your environment, and will never be stored by Community Cloud for Pixie. This means that your sensitive data remains within your environment and control.

Community Cloud for Pixie makes queries directly to your Kubernetes cluster to access the data. In order for the query results to be shown in the Community Cloud for Pixie UI, CLI, and API, the data is sent to the client from your cluster using a reverse proxy.

Community Cloud for Pixie’s reverse proxy is designed to ensure:

  • Data is ephemeral. It only passes through the Community Cloud for Pixie's cloud proxy in transit. This ensures data locality.
  • Data is encrypted while in transit. Only you are able to read your data.

New Relic One fetches and stores data that related to an application's performance. With Auto-telemetry with Pixie, a predefined subset of data persists outside of your cluster. This data is stored in Telemetry Data Platform, in the your selected region. This data persists in order to give you long-term storage, alerting, correlation with additional data, and the ability to use advanced New Relic platform capabilities, such as anomaly detection.

The persisted performance metrics include, but are not limited to:

  • Golden metrics (throughput, latency, error rate) for HTTP-based services
  • HTTP transaction data
  • Database transaction data (for MySQL & PostgreSQL)
  • Distributed tracing
  • JVM metrics

The data you view on the Live debugging tab comes through Community Cloud for Pixie, and is therefore potentially sensitive. It is not stored by New Relic and is ephemeral and queryable for less than 24 hours.

Control who has access to Pixie data

If you want to manage which members of your organization can view Pixie data in New Relic One, as well as install and delete Pixie links, you can create a custom role. Note that this option is available only to Enterprise and Pro level customers. For more information, see New Relic's user model.

Manage auto-update and two-way communication

Pixie maintains an active two-way communication channel from your host system to Community Cloud with Pixie at withpixie.ai. Pixie uses this communication channel to query data, push updates, and retrieve metadata and health checks about Pixie and your Kubernetes cluster.

By default, Pixie queries withpixie.ai to check if new updates have been pushed and then automatically installs them if they’re present. To disable auto updates, you must set a flag prior to the install process using either Helm or in the newrelic-manifest.yaml file. To disable automatic updates, choose one:

For more help

If you need more help, check out these support and learning resources:

Create issueEdit page
Copyright © 2021 New Relic Inc.