diff --git a/src/content/overview/observability/_index.md b/src/content/overview/observability/_index.md index 27a6f1af63..9b040f198c 100644 --- a/src/content/overview/observability/_index.md +++ b/src/content/overview/observability/_index.md @@ -6,7 +6,7 @@ menu: principal: parent: overview identifier: overview-observability -last_review_date: 2024-06-06 +last_review_date: 2024-12-11 owner: - https://github.com/orgs/giantswarm/teams/sig-product --- @@ -23,6 +23,8 @@ Observability is a fundamental aspect of modern cloud-native environments, provi - **Alerting**: To not just look at dashboards all day it's crucial to be able to get notified about significant events or issues that require immediate attention. By making it easy to set up and configure alerting rules across apps and environments, our observability platform's alerting helps your teams avoid wasting time on repetitive tasks, thereby enhancing their efficiency and allowing them to focus on what matters. +- **Multi-Tenancy**: To isolate your observability data between teams or internal organizations, Giant Swarm provides you with multi-tenant storage of and access to your observability data. + One of the key benefits using Giant Swarm is that we provide a set of reliable and highly integrated observability tools that our own teams already use on a daily basis and will help you have a comprehensive view of your applications and infrastructure. ## Cloud-native technologies diff --git a/src/content/tutorials/observability/data-exploration/accessing-grafana/_index.md b/src/content/tutorials/observability/data-exploration/accessing-grafana/_index.md index 915398cb97..9857395dae 100644 --- a/src/content/tutorials/observability/data-exploration/accessing-grafana/_index.md +++ b/src/content/tutorials/observability/data-exploration/accessing-grafana/_index.md @@ -7,7 +7,7 @@ menu: identifier: tutorials-observability-data-exploration-accessing-grafana parent: tutorials-observability-data-exploration weight: 40 -last_review_date: 2024-07-17 +last_review_date: 2024-12-12 user_questions: - How to access Grafana? - How to access metrics from my clusters? @@ -51,6 +51,8 @@ There is one identity provider configured for Giant Swarm staff and one for you After selecting the right identity provider, you may run through an authentication workflow. However, if you are already authenticated within the current browser, this will be skipped and you should see the Home dashboard as a result. +When you log in, you will be logged into the `Shared Org`, which contains a curated set of provided dashboards that are managed and accessible to everyone. If you want to learn more about organizations and multi-tenancy, we can only advise you to read the related [documentation]{{< relref "/tutorials/observability/multi-tenancy" >}}). + ## Limitations Grafana access is currently not available in shared installations, where several customer's observability data would be available from the same Grafana instance. diff --git a/src/content/tutorials/observability/multi-tenancy/_index.md b/src/content/tutorials/observability/multi-tenancy/_index.md new file mode 100644 index 0000000000..22dd92f458 --- /dev/null +++ b/src/content/tutorials/observability/multi-tenancy/_index.md @@ -0,0 +1,15 @@ +--- +title: Multi-tenancy +description: Guides explaining how to configure multi-tenancy in the Observability Platform. +weight: 20 +menu: + principal: + parent: tutorials-observability + identifier: tutorials-observability-multitenancy +last_review_date: 2024-12-12 +owner: + - https://github.com/orgs/giantswarm/teams/team-atlas +user_questions: + - How to isolate data into the observability platform? + - How to create grafana organizations? +--- diff --git a/src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md b/src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md new file mode 100644 index 0000000000..a0a53db741 --- /dev/null +++ b/src/content/tutorials/observability/multi-tenancy/creating-grafana-organization/_index.md @@ -0,0 +1,45 @@ +--- +linkTitle: Creating a Grafana organization +title: Creating a Grafana organization +description: Guide explaining how to manage Grafana organizations in the Observability Platform. +menu: + principal: + identifier: tutorials-observability-multitenancy-create-grafana-organization + parent: tutorials-observability-multitenancy +weight: 40 +last_review_date: 2024-12-12 +user_questions: + - How to create a grafana organization? + - How to access multi-tenant observability data? +owner: + - https://github.com/orgs/giantswarm/teams/team-atlas +--- + +When you first access [your installation's `Grafana`]({{< relref "/tutorials/observability/data-exploration/accessing-grafana" >}}), you will be accessing an organization named _Shared Org_, which gives you access to a set of curated dashboards. However, if you want to provide multi-tenancy of your observability data (isolation between tenants), the observability platform allows self-service creation of your own organizations. + +## Creating your own organization + +To add a new `Grafana` organization, create a [`GrafanaOrganization`](https://raw.githubusercontent.com/giantswarm/observability-operator/refs/heads/main/config/crd/observability.giantswarm.io_grafanaorganizations.yaml) custom resource in the management cluster. + +For example: + +```yaml +apiVersion: observability.giantswarm.io/v1alpha1 +kind: GrafanaOrganization +metadata: + name: giantswarm +spec: + displayName: Giant Swarm + rbac: + admins: + - giantswarm-admins + editors: + - giantswarm-editors + viewers: + - giantswarm-viewers + tenants: + - giantswarm +``` + +Our operators will create this `Grafana` organization named _Giant Swarm_. It will be equipped with a basic set of data sources for Loki, Mimir and Alertmanager, giving you access to the `giantswarm` tenant. +The Role Base Access Control (RBAC) section defines how to map your groups from your identity provider to `Grafana` admin roles (`Admin`, `Editor`, `Viewer`). Note that only the `admins` field is mandatory in this section.