I have Loki running in my EKS cluster. I want to add a Loki datasource in Amazon Managed Grafana. How can I connect AMG to Loki instance inside the EKS cluster?
Connect Amazon Managed Grafana to Loki in EKS cluster
256 Views Asked by DAN At
2
There are 2 best solutions below
0
On
To connect from AMG to Loki deployed in EKS, you can set up Ingress for Loki. It's worth noting that this is not the best method, as such a setup makes Loki accessible from the public internet, which is unnecessary in the case of using AMG. It would be better to avoid exposing Loki to the public internet by setting up a VPC for AMG and linking this VPC with the EKS cluster.
Anyway, to set up Ingress, you can configure a gateway in Loki values as follows:
gateway:
ingress:
enabled: true
annotations:
cert-manager.io/cluster-issuer: "cert-manager-issuer"
ingressClassName: nginx
hosts:
- host: <domain>
paths:
- path: /
pathType: Prefix
tls:
- hosts:
- <domain>
secretName: loki-cert
basicAuth:
enabled: true
username: <username>
password: <password>
Also, remember to configure the log collection agent to use Basic auth, an example for Promtail:
config:
clients:
- url: http://loki-gateway.<namespace>.svc.cluster.local/loki/api/v1/push
tenant_id: 1
basic_auth:
username: <username>
password: <password>
In this configs:
<domain>- host for using TLS, should be configured before enabling Ingress. The cert-manager should be configured<username>,<password>- for Basic auth, will also be used for configuring datasource in Grafana<namespace>- namespace in EKS where Promtail is deployed
After this, Loki will be available for connection in AMG.
In the end, I have created a private hosted zone, added a DNS entry pointing to Loki instance and used this name in the datasource URL. You also have to configure the connection to the VPC hosting Loki in your AMG workspace.