Skip to content
Telescope

Connection

A Connection is an object that defines connection parameters for an external data source, such as a database or container runtime. Connections are separate, reusable entities that can be shared across multiple sources.

Overview

Section titled “Overview”

Connections store the technical details needed to connect to external systems:

  • Host and port information
  • Authentication credentials
  • SSL/TLS configuration
  • Protocol-specific settings

By separating connections from sources, Telescope enables:

  • Reusability: One connection can be used by multiple sources
  • Security: Connection credentials are managed independently
  • Flexibility: Update connection details without modifying sources
  • Access Control: Fine-grained permissions on who can use or manage connections

Connection vs Source

Section titled “Connection vs Source”
AspectConnectionSource
PurposeTechnical connectivityData structure and access
ContainsHost, credentials, SSL configDatabase/table, field mappings, time field
ReusabilityCan be shared by multiple sourcesReferences one connection
RBACIndependent permission modelIndependent permission model

Supported Connection Types

Section titled “Supported Connection Types”

ClickHouse Connection

Section titled “ClickHouse Connection”

Important: As of version 0.0.19, Telescope only supports HTTP(S) connections to ClickHouse. The native protocol is no longer supported.

ClickHouse connections use the clickhouse-connect Python library, which communicates exclusively over HTTP(S) protocol.

Parameters:

  • host – ClickHouse server host (e.g., localhost)
  • port – HTTP(S) port (default: 8123 for HTTP, 8443 for HTTPS)
  • user – Username for authentication
  • password – Password for authentication
  • ssl – Enable HTTPS connection

SSL Options (when SSL is enabled):

  • verify – Whether to validate certificates (default: True)
  • ca_certs – CA certificate file path
  • certfile – Client certificate file
  • keyfile – Client key file
  • server_hostname – SNI hostname for SSL
  • alt_hosts – Alternative hosts for failover

StarRocks Connection

Section titled “StarRocks Connection”

Since v0.0.26

StarRocks connections use the mysql-connector-python library, which communicates over the MySQL wire protocol.

Parameters:

  • host – StarRocks FE server host (e.g., localhost)
  • port – MySQL protocol port (default: 9030)
  • user – Username for authentication (default: root)
  • password – Password for authentication
  • ssl – Enable TLS connection

TLS Options (when TLS is enabled):

  • verify – Whether to validate certificates (default: True)
  • ca_cert – CA certificate content
  • client_cert – Client certificate content
  • client_cert_key – Client certificate key content
  • server_host_name – SNI hostname for TLS
  • tls_mode – TLS configuration mode

Docker Connection

Section titled “Docker Connection”

Docker connections enable log streaming from Docker containers.

Parameters:

  • address – Docker daemon socket URL
    • Local: unix:///var/run/docker.sock
    • Remote: tcp://<host>:<port>

Kubernetes Connection

Section titled “Kubernetes Connection”

Kubernetes connections enable log querying from pods and containers via the Kubernetes API.

Parameters:

  • Use local file path instead of content – Toggle to choose between local file path or inline content
    • When enabled: Use local file path (requires Kubeconfig file path)
    • When disabled: Provide kubeconfig content inline (requires Kubeconfig Yaml Content)
  • Context FlyQL Filter – FlyQL expression to filter available contexts
    • Example: name ~ "prod.*" to include only production contexts
    • Leave empty to include all contexts from the kubeconfig
  • Max Concurrent Requests – Maximum number of concurrent API requests per context (default: 20)
    • Controls parallelism when fetching logs from multiple pods
    • Each context will have at most N parallel requests

Connection Lifecycle

Section titled “Connection Lifecycle”
  1. Creation: Administrator or authorized user creates a connection
  2. Testing: Connection credentials are validated
  3. Usage: Sources reference the connection
  4. Sharing: Connection permissions grant access to users/groups
  5. Updates: Connection parameters can be modified
  6. Deletion: Only possible if no sources are using it

Connection Permissions

Section titled “Connection Permissions”

See Authentication & Authorization for detailed permission model.

Managing Connections

Section titled “Managing Connections”
  • Create: Via UI at /connections/new
  • List: View available connections at /connections
  • Edit: Modify connection parameters at /connections/:id/edit
  • Access Control: Manage who can use the connection
  • Delete: Remove unused connections (blocked if in use by sources)

Best Practices

Section titled “Best Practices”
  1. Naming: Use descriptive names indicating environment (e.g., “Production ClickHouse”, “Staging Docker”)
  2. Security:
    • Use separate connections for different security contexts
    • Enable SSL/TLS for production connections
    • Regularly rotate credentials
  3. Reusability: Create connections at the appropriate scope (team, project, environment)
  4. Access Control: Grant minimum required permissions
  5. Documentation: Use the description field to note important details
Section titled “Related Concepts”