I'm attempting to implement Multi-tenancy with APM Server / UI. Following this blog the recommendation is to use custom routing. https://www.elastic.co/blog/found-multi-tenancy.
My requirement is one APM server that can route multiple agents to isolated data within Elastic without creating an index per tenant (again per the blog). And then only show the data associated with an agents id (in this case a tenant id). We can not have tenant A seeing tenant B's data.
This works as expected if I place a static value in apm-server.yml (like below), but unfortunately, I do not see a way for this "value" to be dynamic based off a token, or an incoming query param. This is why I'm looking at alternatives.
# Dictionary of HTTP parameters to pass within the url with index operations.
# routing: "foobar"
The thought process is to have the APM Agent pass the secretToken through to nginx, decode the token and pull an id out to _route the request to elastic .. http://elk:9200?routing=foo.
Additionally, I'm using the node apm agent, and it doesn't appear to pass these queries off to the APM server, actually the APM server does not recognize the request as far as I can tell, when appending query params by watching the logs.
If you know of any "best practices" for multi-tenancy with APM that would be great to hear, or any workarounds to what I'm attempting to accomplish.