DB Console Overview

On this page Carat arrow pointing down
Warning:
CockroachDB v21.2 is no longer supported. For more details, see the Release Support Policy.

The DB Console provides details about your cluster and database configuration, and helps you optimize cluster performance.

DB Console areas

Overview

The Overview page provides a cluster overview and node list and map.

  • Cluster Overview has essential metrics about the cluster and nodes, including liveness status, replication status, uptime, and hardware usage.
  • Node List has a list of cluster metrics at the locality and node levels.
  • Node Map displays a geographical configuration of your cluster and metrics at the locality and node levels, visualized on a map.

Metrics

The Metrics page provides dashboards for all types of CockroachDB metrics.

Databases

The Databases page shows details about the system and user databases in the cluster.

SQL Activity

The SQL Activity page summarizes SQL activity in your cluster.

  • Statements shows frequently executed and high latency SQL statements, with the option to collect statement diagnostics.
  • Transactions show details about transactions running on the cluster.
  • Sessions shows details about open sessions in the cluster.

Network Latency

The Network Latency page shows latencies and lost connections between all nodes in your cluster.

Jobs

The Jobs page shows details of jobs running in the cluster.

Advanced Debug

The Advanced Debug page provides advanced monitoring and troubleshooting reports. These include details about data distribution, the state of specific queues, and slow query metrics. These details are largely intended for use by CockroachDB developers.

DB Console access

You can access the DB Console from every node at http://<host>:<http-port>, or http://<host>:8080 by default.

  • If you included the --http-addr flag when starting nodes, use the IP address or hostname and port specified by that flag.
  • If you didn't include the --http-addr flag when starting nodes, use the IP address or hostname specified by the --listen-addr flag and port 8080.
  • If you are running a secure cluster, use https instead of http.

For guidance on accessing the DB Console in the context of cluster deployment, see Start a Local Cluster and Manual Deployment.

Proxy DB Console

If your CockroachDB cluster is behind a load balancer, you may wish to proxy your DB Console connection to a different node in the cluster from the node you first connect to. This is useful in deployments where a third-party load balancer otherwise determines which CockroachDB node you connect to in DB Console, or where web management access is limited to a subset of CockroachDB instances in a cluster.

You can accomplish this using one of these methods:

  • Once connected to DB Console, use the Web server dropdown menu from the Advanced Debug page to select a different node to proxy to.
  • Use the remote_node_id parameter in your DB Console URL to proxy directly to a specific node. For example, use http://<host>:<http-port>/?remote_node_id=2 to proxy directly to node 2.

DB Console security considerations

Access to DB Console is a function of cluster security and the role of the accessing user.

Cluster security

On insecure clusters, all areas of the DB Console are accessible to all users.

On secure clusters, for each user who should have access to the DB Console, you must create a user with a password and optionally GRANT the user membership to the admin role.

Role-based security

All users have access to data over which they have privileges (e.g., jobs and list of sessions), and data that does not require privileges (e.g., cluster health, node status, metrics).

admin users also have access to the following areas. These area display information from privileged HTTP endpoints that operate with admin privilege.

DB Console area Privileged information
Node Map Database and table names
Databases Stored table data
Statements SQL statements
Transactions Transactions
Advanced Debug (some reports) Stored table data, operational details, internal IP addresses, names, credentials, application data (depending on report)

Diagnostics reporting

By default, the DB Console shares anonymous usage details with Cockroach Labs. For information about the details shared and how to opt-out of reporting, see Diagnostics Reporting.

See also


Yes No
On this page

Yes No