Tempo is a multi-tenant distributed tracing backend. It supports multi-tenancy through the use
of a header:
This guide details how to setup multi-tenancy.
If you’re interested in setting up multi-tenancy, consult the multi-tenant example in the repo. This example uses the following settings to achieve multi-tenancy in Tempo.
Configure the OTEL Collector to attach the X-Scope-OrgID header on push:
exporters: otlp: headers: x-scope-orgid: foo-bar-baz
Grafana 7.5.x and higher
Configure the Tempo data source in Grafana to pass the tenant with the same header:
- name: Tempo-Multitenant jsonData: httpHeaderName1: 'X-Scope-OrgID' secureJsonData: httpHeaderValue1: 'foo-bar-baz'
Grafana 7.4.x has the following configuration requirements:
- Configure the Tempo data source in Grafana to pass the tenant as a bearer token. This is necessary because it is the only header that Jaeger can be configured to pass to its GRPC plugin.
- name: Tempo-Multitenant jsonData: httpHeaderName1: 'Authorization' secureJsonData: httpHeaderValue1: 'Bearer foo-bar-baz'
- Configure Jaeger Query to pass the bearer token to its backend.
Multi-tenancy on ingestion is currently only working with GPRC and this may never change. It is strongly recommended to use the OpenTelemetry Collector to support multi-tenancy as described above.
To enable multi-tenancy on Tempo backend, set the following configuration value on all Tempo components:
or from the command line:
This option will force all Tempo components to require the
Related Tempo resources
Be the first to learn about exciting next-generation features in Grafana 8.0, be inspired by what community members are building, and attend expert-led sessions and workshops on Grafana, Prometheus, Loki logs, and more.