Rok Monitoring Stack UIs

This guide describes how you can access the graphical user interfaces of the Rok Monitoring Stack.

Access Prometheus UI

Prometheus provides a graphical user interface that helps users inspect metrics that are currently stored in the time-series database, run PromQL queries against the time-series database and view current configurations, rules and state of scraping targets.

Important

The Prometheus UI is not exposed via Arrikto EKF’s Istio. We strongly suggest that you use kubectl port-forward to access the Prometheus UI only in development environments.

  1. Forward traffic from your localhost to rok-tools. Choose one of the following options based on how you created your management environment:

    1. Forward traffic from your management environment to Prometheus running in your Kubernetes cluster:

      root@rok-tools:~# kubectl port-forward --address 0.0.0.0 -n monitoring svc/prometheus-k8s 8080:9090
    2. Forward traffic from your local machine to Prometheus running in your Kubernetes cluster:

      user@workstation:~# kubectl port-forward --address 0.0.0.0 svc/rok-tools 9090:8080
    1. Forward traffic from your management environment to Prometheus running in your Kubernetes cluster:

      root@rok-tools:~# kubectl port-forward --address 0.0.0.0 -n monitoring svc/prometheus-k8s 9090:9090
    1. Forward traffic from your management environment to Prometheus running in your Kubernetes cluster:

      root@rok-tools:~# kubectl port-forward --address 0.0.0.0 -n monitoring svc/prometheus-k8s 9090:9090
  2. Open your browser at localhost:9090 and view the Prometheus UI.

    ../../_images/prometheus_ui.png

Access Grafana UI

Grafana offers a rich web UI that, depending on the privileges of the logged in user, allows one to view or create dashboards with metrics retrieved from different data sources, set up alert rules, manage users and teams, etc. The Rok Monitoring Stack preloads vanilla dashboards available in the kube-prometheus project, as well as custom ones that visualize metrics collected from Rok components and external services.

The Rok Monitoring Stack leverages the cluster’s service mesh, Istio, as well as the cluster’s auth proxy, AuthService, to securely expose the Grafana UI to the outer world and control access to it. More specifically, it creates the following Istio resources:

  • a VirtualService that is bound to the Ingress Gateway and routes traffic to Rok’s Grafana
  • an AuthorizationPolicy that defines access control rules, i.e., which users are allowed to access Rok’s Grafana
  • an AuthorizationPolicy that allows network traffic among workloads running in the monitoring namespace

See also

  1. Open your browser at

    https://<FQDN>/monitoring/

    Replace <FQDN> with your sub-domain. For example:

    https://arrikto-cluster.apps.example.com/monitoring/

    In case you are not already logged in, you will need to authenticate via the OIDC provider of your cluster.

  2. Select any of the available dashboards from the upper-left dropdown list, next to the Home button. For example, you can view the following dashboards:

    • Rok:

    ../../_images/rok-grafana-dashboard.png

    • Kubernetes API Server:

    ../../_images/kubernetes-grafana-dashboard.png

    • Node Exporter:

    ../../_images/node-exporter-grafana-dashboard.png

Note

It might take some time before metrics become available in dashboard panels. This depends on the scrape interval of each Prometheus target.

Summary

In this guide you learnt how to access the Rok Prometheus and Rok Grafana UIs.

What’s Next

The next step is to learn how to monitor the physical nodes of your EKF cluster, and view the Node Exporter and Nodes Grafana dashboards.