- What Grafana version and what operating system are you using?
6.7.4 deployed in Azure Kubernetes clusters
- What are you trying to achieve?
We want to have multiple Grafana instances, each with its own URL. The Grafana instances can be accessed either:
- directly, through its URL
- or by going to a global URL (‘grafana-global’, which uses an Azure Traffic Manager to direct traffic to a randomly chosen Grafana instance
In both cases authentication is provided by Azure Active Directory.
- How are you trying to achieve it?
Setting up an Azure Traffic Manager profile, ‘grafana-global’, which has each individual Grafana URL configured as an endpoint.
- What happened?
Accessing an individual Grafana (using its direct URL) works as expected.
When using the ‘grafana-global’ URL, I am prompted to log in with Azure Active Directory. This redirects me to AAD, where I log in. Upon being returned to Grafana, I am returned to a specific Grafana URL (rather than ‘grafana-global’) with the error message “login.OAuthLogin(missing saved state)”.
I believe the issue is that my initial login request (from ‘grafana-global’) provides a cookie, which does not match the cookie provided by the specific Grafana instance.
- What did you expect to happen?
I would expect that, after logging in with Azure AD, I would be redirected back to ‘grafana-global’, with no error messages. This is how other applications with GUIs in the same deployment function.
- Did you receive any errors in the Grafana UI or in related logs? If so, please tell us exactly what they were.
In Grafana UI: “login.OAuthLogin(missing saved state)”
Grafana container logs, when this error is seen: “t=2021-09-07T14:52:00+0000 lvl=eror msg=“Request Completed” logger=context userId=2 orgId=1 uname= method=GET path=/login/azuread status=500 remote_addr= time_ms=1 size=1742 referer=https://login.microsoftonline.com/”
Any help / tips anyone has on this would be much appreciated - thanks in advance.