Multena solves numerous problems we encountered when offering Grafana to our customers.
Multena ist short for MULti TENAncy. Multena allows us to securely provide every user in our cluster with the correct observability data on a namespace level. Admins can see the whole cluster; users can see the namespace where they can access pods. Importantly, this is not limited to one namespace, one of the most demanding challenges.
One Grafana for Everybody?
It allows us to create a single pane of glass: One Grafana instance for all observability interactions. This simplifies infrastructure and reduces resource costs. While this is also solvable using a Grafana enterprise license, we wanted a free solution. It also enables us to use a single data source for metrics and logs (traces planned for the future).
Multena requires OAuth, thus guaranteeing secure and user-specific access management. Unauthenticated users can’t see anything, and authenticated users can, via the Grafana forward-OAuth option, see only their data.
It was also important to us that Multena is flexible enough to work outside a Kubernetes / OpenShift environment. Therefore, you can choose between an RBAC collector (used to gather role permission inside k8s), an SQL database, or a config map to retrieve the respective permissions.
Give it a Try!
If you use Loki for log storage and/or a Prometheus API-style metrics database, try it yourself and get ready for multi-tenant observability: https://github.com/gepaplexx/multena-proxy.