add multi-tenancy public tutorial #2393
Conversation
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
…fana-organization/_index.md
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
…fana-organization/_index.md
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
…fana-organization/_index.md
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
…fana-organization/_index.md
src/content/tutorials/observability/data-exploration/accessing-grafana/_index.md
Outdated
Show resolved
Hide resolved
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
…-grafana/_index.md Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
…fana-organization/_index.md Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
…fana-organization/_index.md Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
…fana-organization/_index.md Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
…fana-organization/_index.md Co-authored-by: Fernando Ripoll <fernando@giantswarm.io>
|
FYI: internal ADR is here https://github.com/giantswarm/giantswarm/pull/32256 with a bit more detail. @giantswarm/sig-docs I'm a bit confused where we would document higher level concepts like Multi-tenancy as would like to have a kind of overview page to not have to redefine multi-tenancy everywhere. Would you have some hints? |
|
This documentation only talks about the tenancy read path as the write path will be in the data ingestion section. So we have:
I think the write path should be explained in the data ingestion sections (as this will most likely be a label) But then I'm not sure if we actually need a multi-tenancy specific section? cc @Rotfuks as i've talked about this a bit with you already |
| ``` | ||
|
|
||
| Our operators will create this `Grafana` organization named _Giant Swarm_. It will be equipped with a basic set of data sources for Loki, Mimir and Alertmanager, giving you access to the `giantswarm` tenant. | ||
| The Role Base Access Control (RBAC) section defines how to map your groups from your identity provider to `Grafana` admin roles (`Admin`, `Editor`, `Viewer`). Note that only the `admins` field is mandatory in this section. |
There was a problem hiding this comment.
Can you provide more information and examples regarding RBAC like, where does those values comes from. Probably adding a link to Grafana OAuth would be helpfull too
There was a problem hiding this comment.
+1 references would be helpful, and beyond the scope of this PR, it might be nice to also include a reference to this doc in other OIDC RBAC docs to give admins a clue about this when they are doing group management
There was a problem hiding this comment.
This is actually a good idea
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md
Outdated
Show resolved
Hide resolved
| ``` | ||
|
|
||
| Our operators will create this `Grafana` organization named _Giant Swarm_. It will be equipped with a basic set of data sources for Loki, Mimir and Alertmanager, giving you access to the `giantswarm` tenant. | ||
| The Role Base Access Control (RBAC) section defines how to map your groups from your identity provider to `Grafana` admin roles (`Admin`, `Editor`, `Viewer`). Note that only the `admins` field is mandatory in this section. |
There was a problem hiding this comment.
+1 references would be helpful, and beyond the scope of this PR, it might be nice to also include a reference to this doc in other OIDC RBAC docs to give admins a clue about this when they are doing group management
…fana-organization/_index.md Co-authored-by: Zach Stone <zach@giantswarm.io>
…fana-organization/_index.md Co-authored-by: Zach Stone <zach@giantswarm.io>
|
Hugo yielded some warnings. Please check whether they require action. |
What this PR does / why we need it
Towards https://github.com/giantswarm/giantswarm/issues/25198
This PR adds a tutorial explaining how to ad a grafana organization via a CR
Things to check/remember before submitting
If you made content changes
make lint devto render and proofread content changes locally.last_review_datein the front matter header if you reviewed the entire page.