如何在使用yaml部署时添加默认的json仪表板模板

huangapple go评论69阅读模式
英文:

How to add default json dashboard template while deploying using yaml

问题

我正在尝试在部署时获取默认的Grafana仪表板和管理员用户名/密码。

我尝试创建values.yaml,但似乎不起作用。

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: grafana
  namespace: monitoring
  labels:
    grafana_dashboard: "1"
data:
  dashboard-k8.json: | (3)
    ${indent(4, data)}

是否有更好的方法可以实现这一目标?我还使用了相同的方法来设置Grafana的默认用户名和密码。

我正在进行一个维护项目,所以不是Grafana的新安装。但是,要求在部署服务时设置默认仪表板,并使用新的管理员用户名和密码。

英文:

I am trying to get default Grafana dashboard and admin username/password on deploy.

I tried creating values.yaml but doesn't seem like its working

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: grafana
  namespace: monitoring
  labels:
    grafana_dashboard: "1"
data:
  dashboard-k8.json: | (3)
    ${indent(4, data)}

Is there any better working way to do this? and I used same method for default username and password for grafana.

I am working on a maintenance project so its not new installation of Grafana. But, the requirement is to have default dashboard set with new admin username and password when the service is deployed.

答案1

得分: 2

根据Grafana Docker文档,可以使用格式为GF_<SectionName>_<KeyName>__FILE的环境变量在运行时设置grafana.ini文件中的任何配置项,这些变量表示包含实际值的文件路径。因此,我们可以使用环境变量GF_SECURITY_ADMIN_USER__FILEGF_SECURITY_ADMIN_PASSWORD__FILEGF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE来设置管理员用户名、密码和在启动时打开的仪表板。

根据这个答案中的说明,可以使用类型为file的仪表板提供程序从文件中导入仪表板。

结合使用这两种技术,我认为我能够获得您想要的效果。

所执行的步骤包括:

  • 创建一个包含管理员密码的密钥。在运行时,密码会被挂载到grafana容器的/etc/secrets/admin_password路径,并将环境变量GF_SECURITY_ADMIN_PASSWORD__FILE设置为/etc/secrets/admin_password
  • 创建一个包含仪表板提供程序配置的配置映射,该配置映射被挂载为/etc/grafana/provisioning/dashboards/main.yaml
  • 创建另一个配置映射,包含管理员用户和默认仪表板路径。这些值以文件形式暴露给容器,文件路径设置为GF_SECURITY_ADMIN_PASSWORD__FILEGF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE环境变量。
  • 创建另一个配置映射,其中包含默认仪表板的JSON。JSON文件被挂载为/var/lib/grafana/dashboards/test-dashboard.json,文本/var/lib/grafana/dashboards/test-dashboard.json被暴露为/etc/config/default_home_dashboard_path(在前一步中设置)。

仪表板JSON的配置映射如下:

---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboards
data:
  test-dashboard.json: |-
    {
      "annotations": {
        "list": [
      ...截断...
    }    

其他配置映射和部署规范如下:

---
apiVersion: v1
kind: Secret
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-secrets
type: Opaque
stringData:
  admin_password: testpwd

---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboard-provider
data:
  dashboard.yml: |-
    ---
    apiVersion: 1

    providers:
      - name: "Dashboard provider"
        orgId: 1
        type: file
        disableDeletion: false
        updateIntervalSeconds: 10
        allowUiUpdates: false
        options:
          path: /var/lib/grafana/dashboards
          foldersFromFilesStructure: true    

---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-config
data:
  admin_user: testuser
  default_home_dashboard_path: /var/lib/grafana/dashboards/test-dashboard.json

---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana
spec:
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      volumes:
        - name: secret-volume
          secret:
            secretName: grafana-secrets
            items:
              - key: admin_password
                path: admin_password
        - name: dashboard-provider-volume
          configMap:
            name: grafana-dashboard-provider
            items:
              - key: dashboard.yml
                path: main.yaml
        - name: dashboards-volume
          configMap:
            name: grafana-dashboards
            items:
              - key: test-dashboard.json
                path: test-dashboard.json
        - name: config-volume
          configMap:
            name: grafana-config
            items:
              - key: admin_user
                path: admin_user
              - key: default_home_dashboard_path
                path: default_home_dashboard_path
      containers:
        - name: grafana
          image: grafana/grafana-oss:9.5.1
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 3000
          volumeMounts:
            - name: secret-volume
              mountPath: /etc/secrets
            - name: dashboard-provider-volume
              mountPath: /etc/grafana/provisioning/dashboards
            - name: dashboards-volume
              mountPath: /var/lib/grafana/dashboards
            - name: config-volume
              mountPath: /etc/config
          env:
            - name: GF_SECURITY_ADMIN_PASSWORD__FILE
              value: /etc/secrets/admin_password
            - name: GF_SECURITY_ADMIN_USER__FILE
              value: /etc/config/admin_user
            - name: GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE
              value: /etc/config/default_home_dashboard_path

完整的配置文件可以在GitHub上找到。

英文:

As per the grafana docker documentation, any config in the grafana.ini file can be set at runtime using environment variables of the format GF_&lt;SectionName&gt;_&lt;KeyName&gt;__FILE, which represent paths to files containing the actual value. So we can use the environment variables GF_SECURITY_ADMIN_USER__FILE, GF_SECURITY_ADMIN_PASSWORD__FILE and GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE, to set the admin username, password and the dashboard that is opened at launch.

According to the instructions in this answer, we can use a dashboard provider of type file to import dashboards from files.

Using both these techniques together, I think I was able to get what you wanted.

Steps performed:

  • Created a secret that contains the admin password. At runtime, the password gets mounted into the grafana container at /etc/secrets/admin_password and environment variable GF_SECURITY_ADMIN_PASSWORD__FILE gets set to /etc/secrets/admin_password
  • Created a config map that contains the dashboard provider config which gets mounted as /etc/grafana/provisioning/dashboards/main.yaml
  • Created another config map that contains the admin user and default dashboard path. These values are exposed to the container as files /etc/config/admin_user and /etc/config/default_home_dashboard_path, with those file paths set to the GF_SECURITY_ADMIN_PASSWORD__FILE and GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE environment variables
  • Created another config map which contains the JSON for the default dashboard. The JSON file gets mounted as /var/lib/grafana/dashboards/test-dashboard.json, with the text /var/lib/grafana/dashboards/test-dashboard.json exposed as /etc/config/default_home_dashboard_path(set in the previous step)

Config map for the dashboard JSON:

---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboards
data:
  test-dashboard.json: |-
    {
      &quot;annotations&quot;: {
        &quot;list&quot;: [
      ...truncated...
    }    

Other config maps and deployment spec:

---
apiVersion: v1
kind: Secret
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-secrets
type: Opaque
stringData:
  admin_password: testpwd
  
---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboard-provider
data:
  dashboard.yml: |-
    ---
    apiVersion: 1

    providers:
      - name: &quot;Dashboard provider&quot;
        orgId: 1
        type: file
        disableDeletion: false
        updateIntervalSeconds: 10
        allowUiUpdates: false
        options:
          path: /var/lib/grafana/dashboards
          foldersFromFilesStructure: true
              
---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-config
data:
  admin_user: testuser
  default_home_dashboard_path: /var/lib/grafana/dashboards/test-dashboard.json        

---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana
spec:
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      volumes:
        - name: secret-volume
          secret:
            secretName: grafana-secrets
            items:
              - key: admin_password
                path: admin_password
        - name: dashboard-provider-volume
          configMap:
            name: grafana-dashboard-provider
            items:
              - key: dashboard.yml
                path: main.yaml
        - name: dashboards-volume
          configMap:
            name: grafana-dashboards
            items:
              - key: test-dashboard.json
                path: test-dashboard.json
        - name: config-volume
          configMap:
            name: grafana-config
            items:
              - key: admin_user
                path: admin_user
              - key: default_home_dashboard_path
                path: default_home_dashboard_path          
      containers:
        - name: grafana
          image: grafana/grafana-oss:9.5.1
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 3000
          volumeMounts:
            - name: secret-volume
              mountPath: /etc/secrets
            - name: dashboard-provider-volume
              mountPath: /etc/grafana/provisioning/dashboards
            - name: dashboards-volume
              mountPath: /var/lib/grafana/dashboards
            - name: config-volume
              mountPath: /etc/config
          env:
            - name: GF_SECURITY_ADMIN_PASSWORD__FILE
              value: /etc/secrets/admin_password
            - name: GF_SECURITY_ADMIN_USER__FILE
              value: /etc/config/admin_user
            - name: GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE
              value: /etc/config/default_home_dashboard_path

The complete config files can be found on github

huangapple
  • 本文由 发表于 2023年4月17日 20:49:16
  • 转载请务必保留本文链接:https://go.coder-hub.com/76035332.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定