I am using the docker-compose.yaml file to run the OpenSearch and OpenSearch dashboard. I am using the v2.5.0 OpenSearch Dashboard.
I want to assign the user with role "opensearch_dashboards_read_only" but I am not able to find from the role list.
In documentation, it is available.
Should I need to configure somewhere to enable this role?
Config file looks like below.
Related
I am a free Grafana cloud plan user.
I want to enable anonymous access to my dashboard.
I searched many places and found they all talked about changing the config file in code.
I cannot find where the config file is and it seems everyone talks about the config files and knows where it is located. Also found this official document talks about how to enable the anonymous access.
To me, it feels like I need to log into a console on the Grafana server, but I cannot find it.
How can I change the config file to enable anonymous access to my dashboard? Does it require a paid plan?
You don't have access to config file as free Grafana cloud user. Deploy own Grafana instance and then you will be able to customize config file.
For anyone coming here from a search, my grafana.ini was in
/etc/grafana/grafana.ini
More info on the config file location here.
I am newbie to K8s and still testing things. I have got prometheus running outside my cluster. I am using admin creds to hit kube api server to get metrics in to my prometheus which at the moment is working fine.
I want to create another user only to scrape metrics. While searching, i could not find any documentation on creating a user with user id and password.
Also, we are managing our repo in gitlab with pipeline. Is it possible to create user using yaml config instead of kubectl as given in the documentation.
Thanks
Eswar
According to Prometheus docs:
Prometheus does not directly support basic authentication (aka "basic auth") for connections to the Prometheus expression browser and HTTP API. If you'd like to enforce basic auth for those connections, we recommend using Prometheus in conjunction with a reverse proxy and applying authentication at the proxy layer.
In the link above there is a step-by-step guide in how to set up a nginx reverse proxy in front of Prometheus.
We are using https://github.com/poseidon/typhoon for our kubernetes cluster setup.
I want to set up a dashboard for kubernetes similar to https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/
I followed https://docs.aws.amazon.com/eks/latest/userguide/dashboard-tutorial.html and I am able to get the dashboard on my localhost
The issue with this is that "EVERY USER HAS TO FOLLOW THE SAME TO ACCESS THE DASHBOARD"
I was wondering if there was some way wherein we can access the dashboard via DomainName and everyone should be able to access it without much pre-set up required.
In dashboard documentation you can read:
Using Skip option will make Dashboard use privileges of Service
Account used by Dashboard. Skip button is disabled by default since
1.10.1. Use --enable-skip-login dashboard flag to display it.
So you can add --enable-skip-login to the dashboard to display skip button.
If your users don't want to login, they can click Skip button during login and use privileges of Dashboard service account.
How to configure Basic Authentication Configuration In kubernetes Dashbaord .I have done below steps
--authentication-mode=basic added in kubernetes dashboard deployment yaml.
Done API server to be configured (inside /etc/kubernetes/manifests/kube-apiserver.yaml" with authorization mode ABAC and --basic-auth-file given to a file and that file contain like "userpass,username,uid"
But still unable to get the result . Whatever I wrote (even random letter) in the username and password field it able to login into the dashboard and no resources access after that.
one way to achieve is by fronting the dashboard service with a traefik ingress controller. set basic auth in traefik deployment file. create ingress rule for dashboard service
you can also use nginx ingress controller.
below link would be helpful
https://github.com/kubernetes-retired/contrib/tree/master/ingress/controllers/nginx/examples/auth
Is there a way to set a dashboard in Grafana as the home without admin login ? I have a Helm chart that I deploy Grafana with so I would like to do this at a configuration level.
I could not see any options under http://docs.grafana.org/installation/configuration/ for grafana.ini
I'm able to do this manually by login as the admin for the default organization, starring a dashboard and setting that dashboard as the home under preferences. But ofcourse automating this through configuration would be ideal.
Not sure how to do it via .ini file. But you could make use of the Grafana API to get this done.
If you can figure out the Id of the dashboard.Or create via the API itself
Use /api/user/stars/dashboard/{id} to star the dashboard
Then update preference to set the dashboard as home.
Hope this helps.