Skip to main content
Starting with Arize AX Self-Hosted release 10.4.0, a single unified endpoint was introduced to simplify ingress configuration. Support for four-endpoint remains available as an option, and we added a two-endpoint example for a less common use case.

Single Endpoint

With single endpoints, all services are available through a common host address and port:
HostFunction
arize-app.<domain>
  • Arize AX UI
  • SDK panda uploads and logs
  • OTEL traces with GRPC
  • OTEL traces with HTTP
  • Flightserver import/export, datasets.

Example with Arize AX SDK

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1"
)

Example with Arize AX SDK with Evaluations

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1",
    host="arize-app.<domain>"
    ...
)

Example with OTEL traces and GRPC

# gRPC
from arize.otel import register, Transport
tracer_provider = register(
    space_id = SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-app.<domain>/v1",
    # transport = Transport.GRPC, # default
    ...
)

Example with OTEL traces and HTTP

from arize.otel import register, Transport
tracer_provider = register(
    space_id = SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-app.<domain>/v1/traces",
    transport = Transport.HTTP,
    ...
)

Example with FlightServer Export Client

client = ArizeExportClient(
    api_key=API_KEY,
    host="arize-app.<domain>",
    ...
)

Example with FlightServer Datasets Client

client = ArizeDatasetsClient(
    api_key=API_KEY,
    host='arize-app.<domain>',
    otlp_endpoint="https://arize-app.<domain>/v1",
    ...
)

Two Endpoints(Less common)

On top of single endpoint, there is a corner case that you have to use a separate endpoint for gRPC traffic:
HostFunction
arize-app.<domain>
  • Arize AX UI
  • SDK panda uploads and logs
  • OTEL traces with HTTP
arize-grpc.<domain>
  • OTEL traces with GRPC
  • Flightserver import/export, datasets.

Example with Arize AX SDK

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1"
)

Example with Arize AX SDK with Evaluations

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-app.<domain>/v1",
    host="arize-grpc.<domain>"
    ...
)

Example with OTEL traces and GRPC

# gRPC
from arize.otel import register, Transport
tracer_provider = register(
    space_id = SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-grpc.<domain>/v1",
    # transport = Transport.GRPC, # default
    ...
)

Example with OTEL traces and HTTP

from arize.otel import register, Transport
tracer_provider = register(
    space_id = SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-app.<domain>/v1/traces",
    transport = Transport.HTTP,
    ...
)

Example with FlightServer Export Client

client = ArizeExportClient(
    api_key=API_KEY,
    host="arize-grpc.<domain>",
    ...
)

Example with FlightServer Datasets Client

client = ArizeDatasetsClient(
    api_key=API_KEY,
    host='arize-grpc.<domain>',
    otlp_endpoint="https://arize-grpc.<domain>/v1",
    ...
)

Four Endpoints

If your deployment is configured with four endpoints, it requires different ingress configurations and host addresses:
HostFunction
arize-app.<domain>
  • Arize AX UI
  • Auth
  • Copilot
arize-api.<domain>
  • SDK panda uploads and logs
arize-otlp.<domain>
  • OTEL traces (GRPC/HTTP)
arize-flight.<domain>
  • Flightserver import/export, datasets.

Example with Arize AX SDK

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-api.<domain>/v1"
)

Example with Arize AX SDK with Evaluations

arize_client = Client(
    space_id=SPACE_ID,
    api_key=API_KEY,
    uri="https://arize-api.<domain>/v1",
    host="arize-flight.<domain>"
    ...
)

Example with OTEL traces and GRPC

from arize.otel import register, Transport
tracer_provider = register(
    space_id=SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-otlp.<domain>/v1",
    # transport = Transport.GRPC, # default
    ...
)

Example with OTEL traces and HTTP

from arize.otel import register, Transport
tracer_provider = register(
    space_id=SPACE_ID,
    api_key=API_KEY,
    endpoint = "https://arize-otlp.<domain>/v1/traces",
    transport = Transport.HTTP,
    ...
)

Example with FlightServer Export Client

client = ArizeExportClient(
    api_key=API_KEY,
    host='arize-flight.<domain>',
    ...
)

Example with FlightServer Datasets Client

client = ArizeDatasetsClient(
    api_key=API_KEY,
    host='arize-flight.<domain>',
    otlp_endpoint="https://arize-otlp.<domain>/v1",
    ...
)

Using an Enterprise-Issued Certificate

If your deployment uses a certificate signed by your own enterprise private CA or a self-signed certificate, follow the relevant instructions below for your deployment type and use case.

Obtaining the Root CA Certificate

First, obtain the root CA certificate that was used to sign your endpoint’s certificate. This root certificate is typically managed by the security team and is common across environments.

Extracting the Certificate(If Root CA Certificate is not available)

If providing the root certificate doesn’t resolve the issue or is not an option, an alternative approach is to extract the certificate directly from the endpoint and create the cert.pem file. 
echo | openssl s_client -showcerts -state -connect <host>:443 -prexit > cert.pem

Arize SDK

  • Temporarily disable certificate validation (not recommended for production): 
    arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify=False)
  • Provide the root certificate file: 
    arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify="cert.pem")
    Or 
    # if root cert has already been added to your system CA bundle
import certifi
arize_client = Client(space_id=SPACE_ID, api_key=API_KEY, uri=URI, request_verify=certifi.where())

OTEL Traces (GRPC/HTTP)

  • Set the OTEL_EXPORTER_OTLP_CERTIFICATE environment variable to your root certificate: 
    os.environ["OTEL_EXPORTER_OTLP_CERTIFICATE"] = "cert.pem"
    Or 
    # if root cert has already been added to your system CA bundle
import certifi
os.environ['OTEL_EXPORTER_OTLP_CERTIFICATE'] = certifi.where()

FlightServer Export/Datasets Client

  • Set the GRPC_DEFAULT_SSL_ROOTS_FILE_PATH environment variable to your root certificate: 
    os.environ['GRPC_DEFAULT_SSL_ROOTS_FILE_PATH'] = "cert.pem"
    Or 
    # if root cert has already been added to your system CA bundle
import certifi
os.environ['GRPC_DEFAULT_SSL_ROOTS_FILE_PATH'] = certifi.where()