Rancher 25 Prometheus for cluster/project owners


Currently my company is running a proof of concept with Rancher 2.5.3 and so far we are liking what we see.

With rancher 2.5 Prometheus should be deployed using the Cluster Explorer -> App Marketplace, which we did.

However I am trying to get promotheus to show metrics for Cluster Owners / Members and Project owners/members. But when I am logging in as that user the Monitoring options shows: “Resource unavailable”

Unfortunately the masterclass didn’t touch on this point.
And the documentation doesn’t seem to updated on how to do this for rancher 2.5 via the cluster explorer.

Any help and pointers would be greatly appreciated.

Have you been able to get around this? I have also followed this, which unfortunately didn’t work for me: Cluster Member can't see/use Grafana or monitoring stuff

The problem I posted as 15814 was related to older Rancher version.
Currently (2.5.x) the deployment of prometheus/grafana is different and I have actually not tried yet whether my teammates can access Grafana with this new Rancher Monitoring deployment.

Thanks a lot…! makes sense. The documentation simply states:

Rancher allows any users who are authenticated by Kubernetes and have access the Grafana service deployed by the Rancher Monitoring chart to access Grafana via the Rancher Dashboard UI.

This doesn’t seem to be the case in my situation. I have found that the monitoring option (in the Explorer dropdown menu) doesn’t even show when the user doesn’t have access to any projects. After creating a project and a namespace, the monitoring option is available. Although the links simply display a ‘resource unavailable’ when hovering over the each option

Edit: Rancher 2.5.2 and the user in question is a cluster member and owns a project or 2

I doubled checked with a teammate ( which was previously, i.e. using the older rancher version, able to see grafana, hence the permissions are still there ) but he was now unable to view grafana, receiving the same error “Resource unavailable”.

I finally figured it out yesterday quite late… The global project role requires access to endpoints, and podmonitors as well… Working on my end with Rancher v2.5.2

@smitphilip could yo maybe elaborate which role you had to change? I tried adding a new custom role, but that did not resolve this problem.