英文:
How to add default json dashboard template while deploying using yaml
问题
我正在尝试在部署时获取默认的Grafana仪表板和管理员用户名/密码。
我尝试创建values.yaml,但似乎不起作用。
---
apiVersion: v1
kind: ConfigMap
metadata:
name: grafana
namespace: monitoring
labels:
grafana_dashboard: "1"
data:
dashboard-k8.json: | (3)
${indent(4, data)}
是否有更好的方法可以实现这一目标?我还使用了相同的方法来设置Grafana的默认用户名和密码。
我正在进行一个维护项目,所以不是Grafana的新安装。但是,要求在部署服务时设置默认仪表板,并使用新的管理员用户名和密码。
英文:
I am trying to get default Grafana dashboard and admin username/password on deploy.
I tried creating values.yaml but doesn't seem like its working
---
apiVersion: v1
kind: ConfigMap
metadata:
name: grafana
namespace: monitoring
labels:
grafana_dashboard: "1"
data:
dashboard-k8.json: | (3)
${indent(4, data)}
Is there any better working way to do this? and I used same method for default username and password for grafana.
I am working on a maintenance project so its not new installation of Grafana. But, the requirement is to have default dashboard set with new admin username and password when the service is deployed.
答案1
得分: 2
根据Grafana Docker文档,可以使用格式为GF_<SectionName>_<KeyName>__FILE的环境变量在运行时设置grafana.ini文件中的任何配置项,这些变量表示包含实际值的文件路径。因此,我们可以使用环境变量GF_SECURITY_ADMIN_USER__FILE、GF_SECURITY_ADMIN_PASSWORD__FILE和GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE来设置管理员用户名、密码和在启动时打开的仪表板。
根据这个答案中的说明,可以使用类型为file的仪表板提供程序从文件中导入仪表板。
结合使用这两种技术,我认为我能够获得您想要的效果。
所执行的步骤包括:
- 创建一个包含管理员密码的密钥。在运行时,密码会被挂载到grafana容器的
/etc/secrets/admin_password路径,并将环境变量GF_SECURITY_ADMIN_PASSWORD__FILE设置为/etc/secrets/admin_password。 - 创建一个包含仪表板提供程序配置的配置映射,该配置映射被挂载为
/etc/grafana/provisioning/dashboards/main.yaml。 - 创建另一个配置映射,包含管理员用户和默认仪表板路径。这些值以文件形式暴露给容器,文件路径设置为
GF_SECURITY_ADMIN_PASSWORD__FILE和GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE环境变量。 - 创建另一个配置映射,其中包含默认仪表板的JSON。JSON文件被挂载为
/var/lib/grafana/dashboards/test-dashboard.json,文本/var/lib/grafana/dashboards/test-dashboard.json被暴露为/etc/config/default_home_dashboard_path(在前一步中设置)。
仪表板JSON的配置映射如下:
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-dashboards
data:
test-dashboard.json: |-
{
"annotations": {
"list": [
...截断...
}
其他配置映射和部署规范如下:
---
apiVersion: v1
kind: Secret
metadata:
namespace: default
labels:
app: grafana
name: grafana-secrets
type: Opaque
stringData:
admin_password: testpwd
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-dashboard-provider
data:
dashboard.yml: |-
---
apiVersion: 1
providers:
- name: "Dashboard provider"
orgId: 1
type: file
disableDeletion: false
updateIntervalSeconds: 10
allowUiUpdates: false
options:
path: /var/lib/grafana/dashboards
foldersFromFilesStructure: true
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-config
data:
admin_user: testuser
default_home_dashboard_path: /var/lib/grafana/dashboards/test-dashboard.json
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: default
labels:
app: grafana
name: grafana
spec:
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
volumes:
- name: secret-volume
secret:
secretName: grafana-secrets
items:
- key: admin_password
path: admin_password
- name: dashboard-provider-volume
configMap:
name: grafana-dashboard-provider
items:
- key: dashboard.yml
path: main.yaml
- name: dashboards-volume
configMap:
name: grafana-dashboards
items:
- key: test-dashboard.json
path: test-dashboard.json
- name: config-volume
configMap:
name: grafana-config
items:
- key: admin_user
path: admin_user
- key: default_home_dashboard_path
path: default_home_dashboard_path
containers:
- name: grafana
image: grafana/grafana-oss:9.5.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
volumeMounts:
- name: secret-volume
mountPath: /etc/secrets
- name: dashboard-provider-volume
mountPath: /etc/grafana/provisioning/dashboards
- name: dashboards-volume
mountPath: /var/lib/grafana/dashboards
- name: config-volume
mountPath: /etc/config
env:
- name: GF_SECURITY_ADMIN_PASSWORD__FILE
value: /etc/secrets/admin_password
- name: GF_SECURITY_ADMIN_USER__FILE
value: /etc/config/admin_user
- name: GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE
value: /etc/config/default_home_dashboard_path
完整的配置文件可以在GitHub上找到。
英文:
As per the grafana docker documentation, any config in the grafana.ini file can be set at runtime using environment variables of the format GF_<SectionName>_<KeyName>__FILE, which represent paths to files containing the actual value. So we can use the environment variables GF_SECURITY_ADMIN_USER__FILE, GF_SECURITY_ADMIN_PASSWORD__FILE and GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE, to set the admin username, password and the dashboard that is opened at launch.
According to the instructions in this answer, we can use a dashboard provider of type file to import dashboards from files.
Using both these techniques together, I think I was able to get what you wanted.
Steps performed:
- Created a secret that contains the admin password. At runtime, the password gets mounted into the grafana container at
/etc/secrets/admin_passwordand environment variableGF_SECURITY_ADMIN_PASSWORD__FILEgets set to/etc/secrets/admin_password - Created a config map that contains the dashboard provider config which gets mounted as
/etc/grafana/provisioning/dashboards/main.yaml - Created another config map that contains the admin user and default dashboard path. These values are exposed to the container as files
/etc/config/admin_userand/etc/config/default_home_dashboard_path, with those file paths set to theGF_SECURITY_ADMIN_PASSWORD__FILEandGF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILEenvironment variables - Created another config map which contains the JSON for the default dashboard. The JSON file gets mounted as
/var/lib/grafana/dashboards/test-dashboard.json, with the text/var/lib/grafana/dashboards/test-dashboard.jsonexposed as/etc/config/default_home_dashboard_path(set in the previous step)
Config map for the dashboard JSON:
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-dashboards
data:
test-dashboard.json: |-
{
"annotations": {
"list": [
...truncated...
}
Other config maps and deployment spec:
---
apiVersion: v1
kind: Secret
metadata:
namespace: default
labels:
app: grafana
name: grafana-secrets
type: Opaque
stringData:
admin_password: testpwd
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-dashboard-provider
data:
dashboard.yml: |-
---
apiVersion: 1
providers:
- name: "Dashboard provider"
orgId: 1
type: file
disableDeletion: false
updateIntervalSeconds: 10
allowUiUpdates: false
options:
path: /var/lib/grafana/dashboards
foldersFromFilesStructure: true
---
apiVersion: v1
kind: ConfigMap
metadata:
namespace: default
labels:
app: grafana
name: grafana-config
data:
admin_user: testuser
default_home_dashboard_path: /var/lib/grafana/dashboards/test-dashboard.json
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: default
labels:
app: grafana
name: grafana
spec:
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
volumes:
- name: secret-volume
secret:
secretName: grafana-secrets
items:
- key: admin_password
path: admin_password
- name: dashboard-provider-volume
configMap:
name: grafana-dashboard-provider
items:
- key: dashboard.yml
path: main.yaml
- name: dashboards-volume
configMap:
name: grafana-dashboards
items:
- key: test-dashboard.json
path: test-dashboard.json
- name: config-volume
configMap:
name: grafana-config
items:
- key: admin_user
path: admin_user
- key: default_home_dashboard_path
path: default_home_dashboard_path
containers:
- name: grafana
image: grafana/grafana-oss:9.5.1
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
volumeMounts:
- name: secret-volume
mountPath: /etc/secrets
- name: dashboard-provider-volume
mountPath: /etc/grafana/provisioning/dashboards
- name: dashboards-volume
mountPath: /var/lib/grafana/dashboards
- name: config-volume
mountPath: /etc/config
env:
- name: GF_SECURITY_ADMIN_PASSWORD__FILE
value: /etc/secrets/admin_password
- name: GF_SECURITY_ADMIN_USER__FILE
value: /etc/config/admin_user
- name: GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE
value: /etc/config/default_home_dashboard_path
The complete config files can be found on github
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论