Server

Multitenancy Setup
This section describes how to create new tenants (also called organizations) in the replex software.
The user who can set up another organization/tenant must have a SUPER_ADMIN role.
If you do not yet have your authentication token, you must first log in to receive the token. If you already have the token, you can jump to step 3 and use the token in the authentication header.
1.Ensure the replex API is accessible.
If you have exposed the API over a public URL, then you can use that. Otherwise, access the API locally by port-forwarding the service with the following command:
kubectl port-forward --namespace replex svc/replex-server 3100
The following steps will assume the replex API is running at http://localhost:3100.
1.Login with super admin credentials.
Next you'll login to the API to retrieve your authentication token for further requests to the API.
curl --location --request POST 'http://localhost:3100/api/v1/auth/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "<SUPER_ADMIN_EMAIL>",
    "password": "<SUPER_ADMIN_PASSWORD>",
    "tenant": "<UNIQUE_ORGANIZATION_ID>"
}'
The output will be similar to:
{
  "status": true,
  "data": { "token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJvcmdh...." }
}
The contents of the data.token field is the authentication token we need.
1.Call the 'create organization' endpoint.
curl --location --request POST 'http://localhost:3100/api/v1/organizations' \
--header 'Authorization: Bearer <TOKEN_FROM_PREVIOUS_STEP>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "<NEW_ORGANIZATION_NAME>",
    "email": "<ORGANIZATION_EMAIL>",
    "tenantID": "<NEW_UNIQUE_ORGANIZATION_ID>",
    "admin":{
        "firstName": "--",
        "lastName": "--",
        "password": "--"
    }
}'
A user with the user details provided in admin is automatically created for the new tenant. The login details are the values in email and admin.password.
NOTE: The user that creates the new tenant is not automatically a member of the new tenant, but they can login to the tenant because the software allows SUPER_ADMIN users to login to any tenant on an installation.
The output will be similar to:
{
  "status": true,
  "data": {
    "id": "eafedacd-4fba-4d31-be52-69567262a372",
    "defaultCurrency": "USD",
    "billingStatus": true,
    "name": "New Organization",
    "email": "[email protected]",
    "tenantID": "neworganization",
    "active": true,
    "updated_at": "2020-10-20T15:54:48.100Z",
    "created_at": "2020-10-20T15:54:48.100Z"
  }
}
The new organization/tenancy has been successfully created.
Once the software detects that more than one tenant exists, it automatically adds a new 'Tenant ID' field to the login form. The value of this field is the tenant you want to log in to. The email / password combination must exist in the tenant.
1.Generate Replex token.
For configuring replex agents a Replex token is needed. To generate the token we need the organization ID from the previous step to specify for which organization we want to generate a token. The ID can be found in the response under data.id. We'll make use of the authentication token to get the Replex token:
curl --location --request GET 'http://localhost:3100/api/v1/organizations/<ORGANIZATION_ID_FROM_PREVIOUS_STEP>/token' \
--header 'Authorization: Bearer <TOKEN_FROM_STEP_3>'
The response contains a new token which can be used as the replex.token Helm parameter in the agent Helm chart.
Replex filter query language
This section describes cluster stats querying basics and provides examples.
NOTE: Examples below require authentication token, that can be retrieved at 'http://localhost:3100/api/v1/auth/login' An instruction can be found in the section Multitenancy Setup above on the step 2.
Cluster stats endpoints supports different parameters depending on the type of resource. Assume that a labels range stats endpoint is queried. It requires a couple of parameters:
start: timestamp that represents the beginning of the period where to start aggregate metrics.
end: timestamp that represents the end of the period where to stop aggregating metrics.
filters: a query string in Lucene query syntax.
clusterID: the unique ID of the cluster to query stats for.
Available lucene keys to filter by are:
labels.<LABEL_NAME>:<LABEL_VALUE> - represents resource labels, where key is LABEL_NAME and value is LABEL_VALUE, e.g. labels.app:replex-server.
namespace:<NAMESPACE_NAME> - represents resources namespace, e.g. namespace:monitoring.
key:<LABEL_NAME> - represents label name that must appear in stats, e.g. key:app.
A basic examples of filters parameter to query stats:
​
Parameter value
Description
1
filters=labels.labelKey1:labelValue1 OR (labels.labelKey1:labelValue2 AND namespace:nsName1)
Query resources that have labels with key labelKey1 and value labelValue1 or resources that are in namespace nsName1 and have labels key labelKey1 with value labelValue2.
2
filters=labels.labelKey1:labelValue1 AND namespace:nsName1
Query resources that have labels with key labelKey1 and value labelValue1 and belong to namespace nsName1.
3
filters=namespace:nsName1 OR namespace:nsName2
Query resources that belong to namespace nsName1 or nsName2.
4
filters=namespace:nsName1 AND key:labelKey1
Query resources that belong to namespace nsName1 and have label keys such as labelKey1.
Environment Variables
These are the environment variables used by the application:
​
Variable
Required
Default
Description
1
POSTGRES_DB
Yes
​
​
2
POSTGRES_USER
Yes
​
​
3
POSTGRES_PASSWORD
Yes
​
​
4
POSTGRES_HOST
Yes
​
Database host, or Master if using replication
5
POSTGRES_PORT
No
5432
​
6
ENV
No
development
Options: production, development, test
7
PORT
No
3100
​
8
PUBLIC_KEY
Yes
​
Public key string (used for JWT). Prefix with file: if specifying a file path.
9
PRIVATE_KEY
Yes
​
Private key string (used for JWT). Prefix with file: if specifying a file path.
10
ADMIN_FIRST_NAME
No
​
Initial Admin user credentials
11
ADMIN_LAST_NAME
No
​
​
12
ADMIN_EMAIL
No
​
​
13
ADMIN_PASSWORD
No
​
​
14
ORGANIZATION_NAME
No
​
Initial organization name
15
SECRET
Yes
​
Used for internal password recovery token en-/decryption
16
CODE_ACTIVE_MINUTES
No
15
Token lifetime in minutes
17
EMAIL_MODE
No
enable
Options: enable, disable
18
SMTP_HOST
If EMAIL_MODE is enable
​
​
19
SMTP_PORT
If EMAIL_MODE is enable
​
​
20
SMTP_USER
If EMAIL_MODE is enable
​
​
21
SMTP_PASS
If EMAIL_MODE is enable
​
​
22
SMTP_SECURE
If EMAIL_MODE is enable
​
​
23
HOST_URL
No (required for on-prem)
​https://replex.replex.io​
Server host url.
24
PRICING_API_MODE
No
enable
Options: enable, disable
25
PRICING_API_KEY
If PRICING_API_MODE is enable
​
​
26
PRICING_API_HOST
If PRICING_API_MODE is enable
​
​
27
MAX_POOL_SIZE
No
20
Max database connection pool size
28
LOG_LEVEL
No
6
Higher value represents higher verbosity (correspond to syslog levels - https://en.wikipedia.org/wiki/Syslog#Severity_level)
29
INGRESS_NAME
No
​
Ingress to be configured with new host information for organization
30
INGRESS_HOST_SUFFIX
No
replex.io
Suffix appended to organization tenant ID to form Ingress host
31
STRIPE_API_KEY
No
​
Stripe API key. Used for Servicebot self checkout
32
STRIPE_WEBHOOK_SECRET
No
​
Stripe webhook secret. Used for verifying stripe webhook requests.
33
SERVICEBOT_PORTAL_ID
No
​
Servicebot Billing Page ID of the Customer Portal.
34
SERVICEBOT_CHECKOUT_ID
No
​
Servicebot Checkout Page ID.
35
STRIPE_PRODUCT_ID
No
​
Stripe Product ID.
36
SAML_DECRYPTION_PRIVATE_KEY
No
​
SAML SP Private Key to decrypt SAMLResponses. Prefix with file: if specifying a file path.
37
SAML_DECRYPTION_PUBLIC_CERT
No
​
SAML SP Public certificate to decrypt SAMLResponses. Prefix with file: if specifying a file path.
38
SAML_SIGNING_PRIVATE_KEY
No
​
SAML SP Private Key to sign SAMLRequests. Prefix with file: if specifying a file path.
39
SAML_SIGNING_PUBLIC_CERT
No
​
SAML SP Public Certificate to sign SAMLRequests. Prefix with file: if specifying a file path.
40
METRICS_RETENTION_THRESHOLD_DAYS
No
7
Represents the period when the raw metrics are saved in the db and could be accessed in short time range stats queries
41
CLOUDCOST_TAG_KEY_NAMESPACE
No
CLOUDCOST_TAG_KEY_NAMESPACE
Tag key representing namespaces in cloud billing data.
42
DB_READ_HOSTS
NO
​
Comma-separated list of read replica IP addresses, e.g. 1.1.1.1,8.8.9.9,192.168.5.255

Pushgateway

Pricing API

Last modified 2yr ago

	Parameter value	Description
1	`filters=labels.labelKey1:labelValue1 OR (labels.labelKey1:labelValue2 AND namespace:nsName1)`	Query resources that have labels with key `labelKey1` and value `labelValue1` or resources that are in namespace `nsName1` and have labels key `labelKey1` with value `labelValue2`.
2	`filters=labels.labelKey1:labelValue1 AND namespace:nsName1`	Query resources that have labels with key `labelKey1` and value `labelValue1` and belong to namespace `nsName1`.
3	`filters=namespace:nsName1 OR namespace:nsName2`	Query resources that belong to namespace `nsName1` or `nsName2`.
4	`filters=namespace:nsName1 AND key:labelKey1`	Query resources that belong to namespace `nsName1` and have label keys such as `labelKey1`.

	Variable	Required	Default	Description
1	POSTGRES_DB	Yes
2	POSTGRES_USER	Yes
3	POSTGRES_PASSWORD	Yes
4	POSTGRES_HOST	Yes		Database host, or Master if using replication
5	POSTGRES_PORT	No	5432
6	ENV	No	development	Options: `production`, `development`, `test`
7	PORT	No	3100
8	PUBLIC_KEY	Yes		Public key string (used for JWT). Prefix with `file:` if specifying a file path.
9	PRIVATE_KEY	Yes		Private key string (used for JWT). Prefix with `file:` if specifying a file path.
10	ADMIN_FIRST_NAME	No		Initial Admin user credentials
11	ADMIN_LAST_NAME	No
12	ADMIN_EMAIL	No
13	ADMIN_PASSWORD	No
14	ORGANIZATION_NAME	No		Initial organization name
15	SECRET	Yes		Used for internal password recovery token en-/decryption
16	CODE_ACTIVE_MINUTES	No	15	Token lifetime in minutes
17	EMAIL_MODE	No	enable	Options: `enable`, `disable`
18	SMTP_HOST	If `EMAIL_MODE` is enable
19	SMTP_PORT	If `EMAIL_MODE` is enable
20	SMTP_USER	If `EMAIL_MODE` is enable
21	SMTP_PASS	If `EMAIL_MODE` is enable
22	SMTP_SECURE	If `EMAIL_MODE` is enable
23	HOST_URL	No (required for on-prem)	https://replex.replex.io	Server host url.
24	PRICING_API_MODE	No	enable	Options: `enable`, `disable`
25	PRICING_API_KEY	If `PRICING_API_MODE` is enable
26	PRICING_API_HOST	If `PRICING_API_MODE` is enable
27	MAX_POOL_SIZE	No	20	Max database connection pool size
28	LOG_LEVEL	No	6	Higher value represents higher verbosity (correspond to `syslog` levels - https://en.wikipedia.org/wiki/Syslog#Severity_level)
29	INGRESS_NAME	No		Ingress to be configured with new host information for organization
30	INGRESS_HOST_SUFFIX	No	`replex.io`	Suffix appended to organization tenant ID to form Ingress host
31	STRIPE_API_KEY	No		Stripe API key. Used for Servicebot self checkout
32	STRIPE_WEBHOOK_SECRET	No		Stripe webhook secret. Used for verifying stripe webhook requests.
33	SERVICEBOT_PORTAL_ID	No		Servicebot Billing Page ID of the Customer Portal.
34	SERVICEBOT_CHECKOUT_ID	No		Servicebot Checkout Page ID.
35	STRIPE_PRODUCT_ID	No		Stripe Product ID.
36	SAML_DECRYPTION_PRIVATE_KEY	No		SAML SP Private Key to decrypt SAMLResponses. Prefix with `file:` if specifying a file path.
37	SAML_DECRYPTION_PUBLIC_CERT	No		SAML SP Public certificate to decrypt SAMLResponses. Prefix with `file:` if specifying a file path.
38	SAML_SIGNING_PRIVATE_KEY	No		SAML SP Private Key to sign SAMLRequests. Prefix with `file:` if specifying a file path.
39	SAML_SIGNING_PUBLIC_CERT	No		SAML SP Public Certificate to sign SAMLRequests. Prefix with `file:` if specifying a file path.
40	METRICS_RETENTION_THRESHOLD_DAYS	No	7	Represents the period when the raw metrics are saved in the db and could be accessed in short time range stats queries
41	CLOUDCOST_TAG_KEY_NAMESPACE	No	CLOUDCOST_TAG_KEY_NAMESPACE	Tag key representing namespaces in cloud billing data.
42	DB_READ_HOSTS	NO		Comma-separated list of read replica IP addresses, e.g. 1.1.1.1,8.8.9.9,192.168.5.255