Add CockroachDB as Grafana Datasource


I hope this is the right place to ask my question.
I would like to connect CockroachDB Cloud to Grafana Cloud.
Inside Grafana, I’m using the PostgreSQL Data Source type.
Unfortunately, I am unable to get a connection working, even though “Save and Test” gives a “Database Connection OK”, but when I create a panel with a query, there are complaints about the certificates.
I already tried some combinations, but obviously not yet the correct one.

Am I right with the TLS/SSL settings and can someone tell me, what should I input into the TLS/SSL Auth Details? The .postgresql/root.crt file contains only 2 certificates, probably those are the CA and Client cert, but what would be the client key?

Thanks in advance,

Hello! Just for a bit more context, did you set this up using our docs on connecting to Prometheus and Grafana?

Hi @MichaelB,

no, I don’t want to monitor the metadata/health of CockroachDB but the data which is actually stored in custom tables.

Thanks for clarifying! Check this section of the docs on client connection parameters, like finding the client key in SSL/TLS mode. Client Connection Parameters | CockroachDB Docs

Hm, unfortunately, I still don’t understand where to find the client key.
When I click Connect in the cockroach cloud web UI, I can only get a root.crt (which is probably called ca.crt in other parts of the cockroach documentation.
I thought based on this root.crt, I should be able to generate any keys I want to but according to cockroach cert | CockroachDB Docs I also need a ca.key file which I can’t find and also can’t generate with the root.crt (?)

quick question: are you on a serverless cluster or dedicated cockroach cloud cluster?

I’m on the Serverless plan type.

Since you’re on a serverless cluster, the only cert (the root.crt) we provide is for verifying the identity of the server the cluster is running on. A serverless user cannot create CA certs.

We have not built out an integration to connect grafana to our serverless offering, so I’m not confident you can connect with grafana :(. It may be worth reaching out to grafana’s customer service to see if they have any ideas, because you may not need the custom cert as you are running your db on a serverless cluster.

To put the feature request on our radar, I’d also recommend filing a github issue.