Troubleshooting setting up Grafana for ITRS Analytics
The official guidance to use ITRS Analytics as a data source for Grafana is defined in this link: https://docs.itrsgroup.com/docs/itrs-analytics/latest/faqs/how-to-configure-grafana-authentication/index.html
Some additional points to consider when setting things up:
Ensuring the correct hostname is defined in the grafana.ini file
Typically, this is set up as domain = localhost.
This should be changed to the actual hostname where the Grafana server runs.
Example grafana.ini file (the fields that require modification):
Note you will need to restart Grafana for these changes to take effect.
## The http port to use
http_port = 3000
## The public facing domain name used to access grafana from a browser
domain = ec2-18-171-143-13.eu-west-2.compute.amazonaws.com
#################################### Generic OAuth #######################
[auth.generic_oauth]
name = ITRS Analytics
enabled = true
allow_sign_up = true
client_id = obcerv-apps
client_secret = LZplLkJSag4lPRJhUXGA4OGxqpqV0ZEP
scopes = openid profile email offline_access roles
email_attribute_path = email
login_attribute_path = username
name_attribute_path = full_name
role_attribute_path = contains(roles[*], 'admin') && 'GrafanaAdmin' || 'Editor'
auth_url = https://ec2-18-171-143-13.eu-west-2.compute.amazonaws.com/auth/realms/obcerv/protocol/openid-connect/auth
token_url = https://ec2-18-171-143-13.eu-west-2.compute.amazonaws.com/auth/realms/obcerv/protocol/openid-connect/token
api_url = https://ec2-18-171-143-13.eu-west-2.compute.amazonaws.com/auth/realms/obcerv/protocol/openid-connect/userinfo
tls_skip_verify_insecure = true
Configure valid redirect URLs in Keycloak
This should be set as in the example below:
Configure the realm roles mapper in Keycloak
This should be set as in the example below:
Ensure Token Claim Name is set to roles:
Create a user in Keycloak with admin role rights:
Create a user in Users.
Note as below - ensure an entry is put in for the Email field - the account does not actually have to be a valid one.
Set a password for the newly created user:
Ensure Temporary option is unticked:
Under Realm Roles, create a role:
Under Users for the grafana-user that we created, assign roles to the user:
And also assign realm roles to the user:
Result:
Login to Grafana with the newly created grafana-user account:
You will be redirected to a screen like the one below:
After logging in, you should be directed inside Grafana - you can navigate to Connections and Data Sources and click Explore:
Then click inside the Metrics drop-down:
Try something, e.g. cputilisation - as soon as you type, entries should appear so you can scroll and select.
Click Run Query, and data should appear:
