Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Plugin should work on grafana-server behind firewall with no internet access #99
The plugin makes plugin-proxy calls via the server, which is not compatible with companies that have a no Internet access policy on production setups.
We do not want to open access to our network zone that contains our production grafana/graphite/ELK/InfluxDB setup.
Perhaps the use of a license file, or making the calls directly via the browser would be a solution? This is in any case a problem for us, and be a major blocker for adoption for others I imagine.
Example calls the server is trying to make:
I understand that given that it is external it needs internet, I am just wondering if it could be configured like the datasources for elasticsearch or graphite are: proxy/direct.
I see that the datasource for raintank has the "direct/proxy" setting but it still passes via the server of our choosing in any case (url+direct-access), it would be interesting if the posts could be done directly to a raintank endpoint cloud-side. Any ideas?
The Worldping service is a SaaS service, so to use it you will need internet access to be able to use it.
@drewboswell unfortunately it is not possible for the the api requests to the worldping backend to be made directly from the browser. The api requests need to be authenticated with an apiKey and would be very insecure to expose this key to the browser. So instead this apiKey is stored (encrypted) in the Grafana database and added to requests when they are being proxied.
You do no not need to have direct Internet access on the Grafana server, you can instead just use a HTTP/HTTPS proxy. To have Grafana use the proxy, you need to pass the proxy addresses via http_proxy and https_proxy environment variables.
All of the routes needed are listed in the app's plugin.json
So in summary, you need GET/PUT/POST/DELETE on https://worldping-api.raintank.io/api/*
The routes may change in future as we add new features, so when updating the app it would pay to check the plugin.json for an changes.