kubeasz/manifests/prometheus/grafana/README.md

10 KiB

Grafana Helm Chart

  • Installs the web dashboarding system Grafana

TL;DR;

$ helm install stable/grafana

Installing the Chart

To install the chart with the release name my-release:

$ helm install --name my-release stable/grafana

Uninstalling the Chart

To uninstall/delete the my-release deployment:

$ helm delete my-release

The command removes all the Kubernetes components associated with the chart and deletes the release.

Configuration

Parameter Description Default
replicas Number of nodes 1
deploymentStrategy Deployment strategy RollingUpdate
livenessProbe Liveness Probe settings { "httpGet": { "path": "/api/health", "port": 3000 } }
readinessProbe Rediness Probe settings { "httpGet": { "path": "/api/health", "port": 3000 } "initialDelaySeconds": 60, "timeoutSeconds": 30, "failureThreshold": 10, "periodSeconds": 10 }
securityContext Deployment securityContext {"runAsUser": 472, "fsGroup": 472}
image.repository Image repository grafana/grafana
image.tag Image tag. (Must be >= 5.0.0) 5.2.4
image.pullPolicy Image pull policy IfNotPresent
service.type Kubernetes service type ClusterIP
service.port Kubernetes port where service is exposed 80
service.annotations Service annotations {}
service.labels Custom labels {}
ingress.enabled Enables Ingress false
ingress.annotations Ingress annotations {}
ingress.labels Custom labels {}
ingress.hosts Ingress accepted hostnames []
ingress.tls Ingress TLS configuration []
resources CPU/Memory resource requests/limits {}
nodeSelector Node labels for pod assignment {}
tolerations Toleration labels for pod assignment []
affinity Affinity settings for pod assignment {}
persistence.enabled Use persistent volume to store data false
persistence.size Size of persistent volume claim 10Gi
persistence.existingClaim Use an existing PVC to persist data nil
persistence.storageClassName Type of persistent volume claim nil
persistence.accessModes Persistence access modes []
persistence.subPath Mount a sub dir of the persistent volume ""
schedulerName Alternate scheduler name nil
env Extra environment variables passed to pods {}
envFromSecret Name of a Kubenretes secret (must be manually created in the same namespace) containing values to be added to the environment ""
extraSecretMounts Additional grafana server secret mounts []
plugins Plugins to be loaded along with Grafana []
datasources Configure grafana datasources {}
dashboardProviders Configure grafana dashboard providers {}
dashboards Dashboards to import {}
dashboardsConfigMaps ConfigMaps reference that contains dashboards {}
grafana.ini Grafana's primary configuration {}
ldap.existingSecret The name of an existing secret containing the ldap.toml file, this must have the key ldap-toml. ""
ldap.config Grafana's LDAP configuration ""
annotations Deployment annotations {}
podAnnotations Pod annotations {}
sidecar.dashboards.enabled Enabled the cluster wide search for dashboards and adds/updates/deletes them in grafana false
sidecar.dashboards.label Label that config maps with dashboards should have to be added false
sidecar.datasources.enabled Enabled the cluster wide search for datasources and adds/updates/deletes them in grafana false
sidecar.datasources.label Label that config maps with datasources should have to be added false
smtp.existingSecret The name of an existing secret containing the SMTP credentials, this must have the keys user and password. ""

Sidecar for dashboards

If the parameter sidecar.dashboards.enabled is set, a sidecar container is deployed in the grafana pod. This container watches all config maps in the cluster and filters out the ones with a label as defined in sidecar.dashboards.label. The files defined in those configmaps are written to a folder and accessed by grafana. Changes to the configmaps are monitored and the imported dashboards are deleted/updated. A recommendation is to use one configmap per dashboard, as an reduction of multiple dashboards inside one configmap is currently not properly mirrored in grafana. Example dashboard config:

apiVersion: v1
kind: ConfigMap
metadata:
  name: sample-grafana-dashboard
  labels:
     grafana_dashboard: 1
data:
  k8s-dashboard.json: |-
  [...]

Sidecar for datasources

If the parameter sidecar.datasource.enabled is set, a sidecar container is deployed in the grafana pod. This container watches all config maps in the cluster and filters out the ones with a label as defined in sidecar.datasources.label. The files defined in those configmaps are written to a folder and accessed by grafana on startup. Using these yaml files, the data sources in grafana can be modified.

Example datasource config adapted from Grafana:

apiVersion: v1
kind: ConfigMap
metadata:
  name: sample-grafana-datasource
  labels:
     grafana_datasource: 1
data:
	datasource.yaml: |-
		# config file version
		apiVersion: 1

		# list of datasources that should be deleted from the database
		deleteDatasources:
		  - name: Graphite
		    orgId: 1

		# list of datasources to insert/update depending
		# whats available in the database
		datasources:
		  # <string, required> name of the datasource. Required
		- name: Graphite
		  # <string, required> datasource type. Required
		  type: graphite
		  # <string, required> access mode. proxy or direct (Server or Browser in the UI). Required
		  access: proxy
		  # <int> org id. will default to orgId 1 if not specified
		  orgId: 1
		  # <string> url
		  url: http://localhost:8080
		  # <string> database password, if used
		  password:
		  # <string> database user, if used
		  user:
		  # <string> database name, if used
		  database:
		  # <bool> enable/disable basic auth
		  basicAuth:
		  # <string> basic auth username
		  basicAuthUser:
		  # <string> basic auth password
		  basicAuthPassword:
		  # <bool> enable/disable with credentials headers
		  withCredentials:
		  # <bool> mark as default datasource. Max one per org
		  isDefault:
		  # <map> fields that will be converted to json and stored in json_data
		  jsonData:
		     graphiteVersion: "1.1"
		     tlsAuth: true
		     tlsAuthWithCACert: true
		  # <string> json object of data that will be encrypted.
		  secureJsonData:
		    tlsCACert: "..."
		    tlsClientCert: "..."
		    tlsClientKey: "..."
		  version: 1
		  # <bool> allow users to edit datasources from the UI.
		  editable: false