Search code examples
kubernetesgrafanaistioistio-kiali

How to use virtualservice to expose dashboards like grafana prometheus and kiali?

I have my dashboards exposed to <dashboard>.foobar.com with no problem, now I am trying to expose dashboards mentioned above to www.foobar.com/dashboard/<kiali> I have tested with a simple .net backend container with this VS set up:

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: whatever
spec:
  hosts:
  - www.foobar.com
  gateways:
  - some-gateway
  http:
  - match:
    - uri:
        prefix: /bla
    rewrite:
      uri: " "
    route:
    - destination:
        port:
          number: 1234
        host: dummy-service

Then I have: foobar.com/bla/api/hello -> dummyservice/api/hello foobar.com/bla/api/deeper/hello -> dummyservice/api/deeper/hello which is good. However, if I apply the same to those dashboards, nothing works! Here is my setting for the dashboards:

apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
  name: dashboards
  namespace: istio-system
spec:
  hosts:
  - www.foobar.com
  gateways:
  - default/somegateway
  http:
  - name: grafana
    match:
    - uri:
        prefix: /dashboards/grafana
    rewrite:
      uri: /
    route:
    - destination:
        port:
          number: 80
        host: grafana.grafana.svc.cluster.local
  - name: prometheus
    match:
    - uri:
        prefix: /dashboards/prometheus
    rewrite:
      uri: "/"
    route:
    - destination:
        port:
          number: 9089
        host: prometheus-server.prometheus.svc.cluster.local
  - name: kubernetes-dashboard
    match:
    - uri:
        prefix: "/dashboards/kubernetes"
    rewrite:
      uri: " "
    route:
    - destination:
        port:
          number: 8443
        host: kubernetes-dashboard.kubernetes-dashboard.svc.cluster.local
  - name: kubernetes-dashboard
    match:
    - uri:
        prefix: "/dashboards/kiali/"
    rewrite:
      uri: /
    route:
    - destination:
        port:
          number: 20001
        host: kiali.istio-system.svc.cluster.local

As someone mentioned there is a known issue with / and so you can see I have rewrite for both of them. But still nothing works. I got 404 for most of them, and grafana redirects me to www.foobar.com/login

Anyone have done this before? I am thinking of maybe these dashboards are frontend included, so its not that simple as my .net backend container?

Solution

  • For anyone has the same question, please take a look here:

    I have this resolved:

    So first, the VirtualSerive are correct, but remember to add quotes to write section:

        rewrite:
      uri: "/"

    And prefix sections need to be closed with a /

      - name: kubernetes-dashboard
    match:
    - uri:
        prefix: "/kubernetes/"

    Here comes the trick, prometheus and grafana are designed to be worked at root url. However, its configurable in the deployment.yaml For example, I want my grafana and prometheus works at www.foobar.com/grafana/ and www.foobar.com/prometheus respectively. In grafana deployment.yaml, we need to specify:

              env:
            - name: GF_SERVER_ROOT_URL
              value: 'http://localhost:3000/grafana/'
            - name: GF_SERVER_DOMAIN
              value: localhost
            - name: GF_SERVER_SERVE_FROM_SUB_PATH
              value: 'true'

    And in prometheus, it has the similar:

    - name: prometheus-server
    image: 'quay.io/prometheus/prometheus:v2.24.0'
    args:
      - '--web.enable-lifecycle'
      - '--web.external-url=https://localhost:9090/prometheus/'
      - '--web.route-prefix=/'

    For kiali, the trick is in virtual service, you have to rewrite it to /kiali/:

      - name: kiali-dashboard
    match:
    - uri:
        prefix: /kiali/
    rewrite:
      uri: "/kiali/"