MySQL datasource validation IP address range

Hello there, I’m trying Grafana Cloud and I want to configure a MySQL source.
As my DB is hosted in GCP, as a security policy I need to explicitly authorise networks to access it. My question is, is there a way to know what IP ranges will Grafana Cloud use in order to add them and allowing it to query it? (Just in case it’s a MySQL v5.7)

Thanks,

Sebastian.-

Hi,

The list of source IP addresses in use by hosted grafana is published via DNS answers for src-ips.hosted-grafana.grafana.net and at https://grafana.com/api/hosted-grafana/source-ips

To get the list of IPs you can use the command:

host src-ips.hosted-grafana.grafana.net | cut -d' ' -f4

or

curl https://grafana.com/api/hosted-grafana/source-ips.txt

To get the list of IPs in Json format:

curl https://grafana.com/api/hosted-grafana/source-ips

Marcus

Hi Marcus,
Can you be more specific on what environment the above commands need to be executed.

The link https://grafana.com/hosted-grafana/source-ips gives a 404 error
Thanks

Sorry for that. I’ve updated the link.

Hello Marcus, that really did the trick! Thank you for replying. Is there any documentation page that references this? Maybe I missed it but I tried to do some research everywhere before asking.

Thanks!

Cool.

We want to publish documentation for Hosted Grafana at our docs site, but we haven’t had time to do that yet.

Marcus

Thanks for the list of IP addresses but bad luck for me.
Google SQL Cloud platform requires CIDR notation
No idea how to put this list of seemingly random IP addresses in CIDR notation!
Any suggestions?

For each IP append /32 for CIDR notation, eg 35.184.81.190/32

What I had to do is using /16 ips with the ranges so I didn’t have to add one by one. Pretty annoying but it worked. So if the IP is: 192.168.10.10 I put 192.168.0.0/16.

For the time being i am just using test data so I authorized Google Cloud SQL as 0.0.0.0/0

Is it an idea for Hosted Grafana to give each user instance its own IP address?
That is what Google Cloud SQL does.
Thanks

since that is what google cloud SQL does then i do think that this is a good idea indeed. or someone has some better ideas?

Hey all, I’m also trying to connect to a CloudSQL instance, and had a month or so of success whitelisting the IPs (which is not ideal, but seemingly the only way to connect to GCloud).

All of a sudden, connections are timing out again and I’m thinking there are new IP addresses / removed IPs.

Is there any place to get notified of new IPs getting added for the Hosted Grafana product?

Hey @tasp, check out my comment above to configure it with less strict constraints for the source IPs. It’s not the best solution security-wise (you could be potentially whitelisting IPs not belonging to grafana), but at least will give you some flexibility with these cases. Since I configured it more than 6 months ago I never had a problem.
Hope that helps!

There were some new nodes added to the clusters that were not properly reflected in the src-ips, that has been taken care of and the list is accurate once again.

@dcech The following IP is currently missing from the txt file, JSON file and DNS entries: 104.197.240.76

Sorry about that, I recently scaled up the cluster and forgot to update the src-ips record. I just updated it, so please let me know if you continue to have any problems.

Is this IPs list same for all organizations?
How can I get my own organization ip range?

This is so lame from Grafana, you should have a couple exit IP addresses not like 100!

2 Likes

Had to add 35.222.247.55 in my firewall for it work. Would be awesome to have a list that is authoritative.