Background
BigAnimal provides a Prometheus-compatible endpoint to connect to your monitoring infrastructure and Postgres logs via blob storage.
You can get the PROMETHEUS URL from Monitoring & Logging tab, but it's not accessible until we configure the private connection for it. This document will introduce how to configure the services.
The steps are similar to the documentation Connecting from Azure. The only difference is using the IP address of the Metrics host instead the Clusters. The Metrics URL is per region.
Example
Metrics information
Region: WestUS2
Account ID: KJS1ac8Czj9EBUwb
URL: https://m-azurewestus2-6.kjs1ac8czj9ebuwb.s.edbcloud.io:10902
Host: m-azurewestus2-6.kjs1ac8czj9ebuwb.s.edbcloud.io
Step 1 Create an Azure Private Link service for the Metrics endpoint
1. Get the IP address of the PROMETHEUS URL (In the Monitoring & Logging tab)
❯ dig +short m-azurewestus2-6.kjs1ac8czj9ebuwb.s.edbcloud.io
10.240.0.123
2. On the upper-left page of the Azure portal, select Create a resource.
3. In the Search the Marketplace box, search for Private Link.
4. Select Create.
5. Create a private link service from Resource Group starting with <prj_id>-rg-<region>-management. You can also get the resource group name by running the Azure CLI command
az network vnet list --query "[?name==\`vnet-westus2\`].resourceGroup" -o json
6. Enter the details for the Azure Private Link. Use a unique name for the Azure Private Link.
7. In the Outbound settings page, select the kubernetes-internal load balancer and the IP address of the PROMETHEUS URL (IP address in step 1).
8. On the Access security page, configure the level of access for the private link service.
After the private link service is created, please be sure to note its alias. The alias is the unique ID for your private service, which you can share with the service consumers. Obtain the alias either from the Azure portal
or by using the following CLI command:
az network private-link-service list --query "[?name=='customer-monitoring-private-service'].alias" -o tsv
Step 2 Create an Azure Private Endpoint in each client virtual network
This part is exactly the same as the document Create an Azure Private Endpoint in each client virtual network. Please kindly follow the steps to create a Private Endpoint accordingly.
My output in Step 2.11 is below.
NICID=$(az network private-endpoint show -n customer-monitoring-ep -g sszhao-vm --query "networkInterfaces[0].id" -o tsv)
az network nic show -n ${NICID##*/} -g sszhao-vm --query "ipConfigurations[0].privateIpAddress" -o tsv
The private endpoint's private IP address is 10.8.0.6.
Step 3 Create an Azure Private DNS Zone for the private endpoint
Follow the step -> Create an Azure Private DNS Zone for the private endpoint
Virtual Network Link
Record set
Access the Metrics
You can access the PROMETHEUS URL in your browser directly.
You can also configure Data sources in Grafana server.
1. Go to your Grafana Server GUI and click Configuration - Data Sources
2. Type: Prometheus and fill in URL with Prometheus URL in BigAnimal Portal
3. Configure the other settings with your preferences
4. Then Save & Test (Connection will be tested automatically)
5. Now you can explore your data in Grafana.
Grafana|Error reading Prometheus: An error occurred within the plugin
or
Unable to communicate securely with peer: requested domain name does not match the server's certificate.
This usually happens when the hostname in URL is different from m-azurewestus2-6.kjs1ac8czj9ebuwb.s.edbcloud.io. For example, we use https://10.8.0.6:10902 here in the Datasource.
Solutions
1. use the hostname: m-azurewestus2-6.kjs1ac8czj9ebuwb.s.edbcloud.io in the URL.
Or
2. 'Skip TLS Verify'