DB Console Overview

On this page

The DB Console provides details about your cluster and database configuration, and helps you optimize cluster performance.

Authentication

The DB Console supports username/password login, as well single sign-on (SSO) (Dedicated and Self-Hosted Enterprise clusters only).

The DB Console sign-on page can also be used to provision authentication tokens for SQL client access.

Refer to:

• Single Sign-on (SSO) for DB Console
• Cluster Single Sign-on (SSO) using JSON web tokens (JWTs)

DB Console areas

Overview

The Overview page provides a cluster overview and node list and map.

• Cluster Overview has essential metrics about the cluster and nodes, including liveness status, replication status, uptime, and hardware usage.
• Node List has a list of cluster metrics at the locality and node levels.
• Node Map displays a geographical configuration of your cluster and metrics at the locality and node levels, visualized on a map.

Metrics

The Metrics page provides dashboards for all types of CockroachDB metrics.

• Overview dashboard has metrics about SQL performance, replication, and storage.
• Hardware dashboard has metrics about CPU usage, disk throughput, network traffic, storage capacity, and memory.
• Runtime dashboard has metrics about node count, CPU time, and memory usage.
• SQL dashboard has metrics about SQL connections, byte traffic, queries, transactions, and service latency.
• Storage dashboard has metrics about storage capacity and file descriptors.
• Replication dashboard has metrics about how data is replicated across the cluster, e.g., range status, replicas per store, and replica quiescence.
• Distributed dashboard has metrics about distribution tasks across the cluster, including RPCs, transactions, and node heartbeats.
• Queues dashboard has metrics about the health and performance of various queueing systems in CockroachDB, including the garbage collection and Raft log queues.
• Slow requests dashboard has metrics about important cluster tasks that take longer than expected to complete, including Raft proposals and lease acquisitions.
• Changefeeds dashboard has metrics about the changefeeds created across your cluster.
• Overload dashboard has metrics about the performance of the parts of your cluster relevant to the cluster's admission control system.
• TTL dashboard has metrics about the progress and performance of batch deleting expired data using Row-Level TTL from your cluster.
• Physical Cluster Replication dashboard has metrics about the physical cluster replication streams between a primary and standby cluster.

Databases

The Databases page shows details about the system and user databases in the cluster.

SQL Activity

The SQL Activity page summarizes SQL activity in your cluster.

• Statements shows frequently executed and high-latency SQL statements with the option to collect statement diagnostics.
• Transactions shows details about transactions running on the cluster.
• Sessions shows details about open sessions in the cluster.

Insights

The Insights page exposes problematic health signals and enables you to quickly find optimization opportunities to maximize database efficiency. The Insights page contains workload-level and schema-level insights.

Network Latency

The Network Latency page shows latencies and lost connections between all nodes in your cluster.

Jobs

The Jobs page shows details of jobs running in the cluster.

Advanced Debug

The Advanced Debug page provides advanced monitoring and troubleshooting reports. These include details about data distribution, the state of specific queues, and slow query metrics. These details are largely intended for use by CockroachDB developers. To access the Advanced Debug page, the user must be a member of the admin role or must have the VIEWDEBUG system privilege defined.

DB Console access

You can access the DB Console from every node at http://<host>:<http-port>, or http://<host>:8080 by default.

• If you included the --http-addr flag when starting nodes, use the IP address or hostname and port specified by that flag.
• If you didn't include the --http-addr flag when starting nodes, use the IP address or hostname specified by the --listen-addr flag and port 8080.
• If you are running a secure cluster, use https instead of http.

For guidance on accessing the DB Console in the context of cluster deployment, see Start a Local Cluster and Manual Deployment.

Proxy DB Console

If your CockroachDB cluster is behind a load balancer, you may wish to proxy your DB Console connection to a different node in the cluster from the node you first connect to. This is useful in deployments where a third-party load balancer otherwise determines which CockroachDB node you connect to in DB Console, or where web management access is limited to a subset of CockroachDB instances in a cluster.

You can accomplish this using one of these methods:

• Once connected to DB Console, use the Web server dropdown menu from the Advanced Debug page to select a different node to proxy to.
• Use the remote_node_id parameter in your DB Console URL to proxy directly to a specific node. For example, use http://<host>:<http-port>/?remote_node_id=2 to proxy directly to node 2.

DB Console security considerations

Access to DB Console is a function of cluster security and the privileges of the accessing user.

Cluster security

On insecure clusters, all areas of the DB Console are accessible to all users.

On secure clusters, for each user who should have access to the DB Console, you must create a user with a password and optionally GRANT the user system-level privileges or membership to the admin role.

Role-based security

All users have access to data over which they have privileges (e.g., jobs and list of sessions), and data that does not require privileges (e.g., cluster health, node status, metrics).

The following areas display information from privileged HTTP endpoints that require the user to have the admin role or the specified system-level privileges.

DB Console timezone configuration

You can view timestamps in the DB Console in your preferred timezone using the ui.display_timezone cluster setting. Currently supported timezones are Coordinated Universal Time (etc/utc, the default) and America/New_York (america/new_york):

SET CLUSTER SETTING ui.display_timezone = 'america/new_york';

DB Console troubleshooting

The DB Console stores temporary data in a time-series database in order to generate the various metrics graphs. If your cluster is comprised of a large number of nodes where individual nodes have very limited memory available (e.g., under 8 GiB), this underlying time-series database may not have enough memory available per-node to serve these requests quickly. If the DB Console experiences issues rendering these metrics graphs, consider increasing the value of the --max-tsdb-memory flag.

Diagnostics reporting

By default, the DB Console shares anonymous usage details with Cockroach Labs. For information about the details shared and how to opt-out of reporting, see Diagnostics Reporting.

License expiration message

If you have set a license to use enterprise features, a license expiration message is displayed at the top-right of the DB Console. While the license is valid, the message will read License expires in X days, where X is the number of days. If the license is no longer valid, the message will read License expired X days ago. Hovering over either message displays a tooltip with the expiration date of the license.

See also

• Troubleshooting Overview
• Support Resources
• Raw Status Endpoints

Was this helpful?