-
What Grafana version and what operating system are you using?
v10.4.0 on Ubuntu server on AKS cluster -
What are you trying to achieve?
SSO with Azure AD while using Postgres HA -
How are you trying to achieve it?
Storing user data in the postgres pods running on our AKS cluster -
What happened?
Users began getting an unauthorized error when trying to login or getting kicked out of the Grafana UI after being signed in. Unable to sign in with the admin creds as well. -
What did you expect to happen?
New and existing users would be able to sign in with Azure with no issue, and also we should be able to at least sign in with the admin creds -
Can you copy/paste the configuration(s) that you are having problems with?
grafana:
replicas: 2
persistence:
enabled: false
grafana.ini:
server:
domain: DOMAIN_URL
root_url: ROOT_URL
database:
type: postgres
host: obs-postgresql-pgpool:5432
name: grafana
user: grafana
password: ${PGPASSWORD}
unified_alerting:
ha_redis_address: obs-redis-ha-haproxy:6379
live:
ha_engine: redis
ha_engine_address: obs-redis-ha-haproxy:6379
envValueFrom:
PGPASSWORD:
secretKeyRef:
name: obs-postgres-credentials
key: password
sidecar:
datasources:
alertmanager:
handleGrafanaManagedAlerts: true
-
Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
Yes, sometimes users are able to sign in but get an “Unauthorized” error while navigating the site and are logged out. Looking at the postgresql pods running in the same namespace as the Grafana pods we saw this error
STATEMENT: INSERT INTO cache_data (cache_key,data,created_at,expires) VALUES($1,$2,$3,$4)
ERROR: duplicate key value violates unique constraint “UQE_user_login”
DETAIL: Key (login)=(user.email@domain.com) already exists. -
Did you follow any online instructions? If so, what is the URL?
Yes. Grafana HA docs and Postgres HA README.md