[英]Secure grafana with prometheus datasource all over LDAP
I have a problem securing the prometheus datasource for grafana .我在保护 grafana 的 prometheus 数据源时遇到问题。
When I started I thought that the datasource plugin for grafana has a backend component that forwards requests to the prometheus server.当我开始时,我认为 grafana 的数据源插件有一个后端组件,可以将请求转发到 prometheus 服务器。
What I actually see is that the client (browser) directly contacts the prometheus resource.我实际看到的是客户端(浏览器)直接联系prometheus资源。 This is a big problem in my configuration because
这是我的配置中的一个大问题,因为
So my questions are:所以我的问题是:
This could be a main reason to use a completely other monitoring stack.这可能是使用完全不同的监控堆栈的主要原因。
Is there a way to hide the prometheus datasource from public (via grafana backend?)?
有没有办法向公众隐藏普罗米修斯数据源(通过 grafana 后端?)?
Select Proxy mode rather than Direct when configuring the data source.配置数据源时选择代理模式而不是直接模式。
Is there a way to use the grafana LDAP-user with the prometheus datasource
有没有办法将 grafana LDAP-user 与 prometheus 数据源一起使用
Grafana only supports basic auth for this. Grafana 为此仅支持基本身份验证。 I would imagine that monitoring systems that support LDAP for authorization are rare, so would advise working with this.
我想支持 LDAP 授权的监控系统很少见,所以建议使用它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.