feat(kubernetes): create and use volsync template #122
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
area/kubernetes
--- kubernetes HelmRelease: monitoring/grafana ServiceAccount: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana ServiceAccount: monitoring/grafana
@@ -1,11 +0,0 @@
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- name: grafana
- namespace: monitoring
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-config-dashboards
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-config-dashboards
@@ -1,24 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- name: grafana-config-dashboards
- namespace: monitoring
-data:
- provider.yaml: |-
- apiVersion: 1
- providers:
- - name: 'sidecarProvider'
- orgId: 1
- type: file
- disableDeletion: true
- allowUiUpdates: false
- updateIntervalSeconds: 30
- options:
- foldersFromFilesStructure: true
- path: /tmp/dashboards
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana
@@ -1,200 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-data:
- plugins: grafana-clock-panel,grafana-piechart-panel,grafana-worldmap-panel
- grafana.ini: |
- [analytics]
- check_for_plugin_updates = false
- check_for_updates = false
- reporting_enabled = false
- [grafana_net]
- url = https://grafana.net
- [log]
- mode = console
- [paths]
- data = /var/lib/grafana/
- logs = /var/log/grafana
- plugins = /var/lib/grafana/plugins
- provisioning = /etc/grafana/provisioning
- [server]
- domain = grafana.18b.haus
- datasources.yaml: |
- apiVersion: 1
- datasources:
- - access: proxy
- isDefault: true
- jsonData:
- prometheusType: Prometheus
- name: Prometheus
- type: prometheus
- uid: prometheus
- url: http://kube-prometheus-stack-prometheus.monitoring.svc.cluster.local:9090
- deleteDatasources:
- - name: Prometheus
- orgId: 1
- dashboardproviders.yaml: |
- apiVersion: 1
- providers:
- - disableDeletion: false
- editable: true
- folder: ""
- name: default
- options:
- path: /var/lib/grafana/dashboards/default
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Flux
- name: flux
- options:
- path: /var/lib/grafana/dashboards/flux
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Homelab
- name: homelab
- options:
- path: /var/lib/grafana/dashboards/homelab
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Kubernetes
- name: kubernetes
- options:
- path: /var/lib/grafana/dashboards/kubernetes
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Nginx
- name: nginx
- options:
- path: /var/lib/grafana/dashboards/nginx
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Unifi
- name: unifi
- options:
- path: /var/lib/grafana/dashboards/unifi
- orgId: 1
- type: file
- - disableDeletion: false
- editable: true
- folder: Proxmox
- name: proxmox
- options:
- path: /var/lib/grafana/dashboards/proxmox
- orgId: 1
- type: file
- download_dashboards.sh: "#!/usr/bin/env sh\nset -euf\nmkdir -p /var/lib/grafana/dashboards/default\n\
- mkdir -p /var/lib/grafana/dashboards/flux\nmkdir -p /var/lib/grafana/dashboards/homelab\n\
- mkdir -p /var/lib/grafana/dashboards/kubernetes\nmkdir -p /var/lib/grafana/dashboards/nginx\n\
- mkdir -p /var/lib/grafana/dashboards/unifi\nmkdir -p /var/lib/grafana/dashboards/proxmox\n\
- \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/cert-manager/dashboards/cert-manager.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/default/cert-manager.json\"\n \ncurl\
- \ -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/17457/revisions/6/download\"\
- \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/cloudflared.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/docs/src/samples/monitoring/grafana-dashboard.json\"\
- \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/cloudnative-pg.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/15038/revisions/3/download\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/default/external-dns.json\"\n \ncurl\
- \ -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/16888/revisions/8/download\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/default/longhorn.json\"\n \ncurl -skf\
- \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/13502/revisions/24/download\"\
- \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/minio.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/4260/revisions/11/download\"\
- \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/node-exporter-freebsd.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/1860/revisions/33/download\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/default/node-exporter-full.json\"\n \
- \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/13665/revisions/4/download\"\
- \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/speedtest-exporter.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/tuladhar/wireguard-connectivity-monitoring/main/wireguard-grafana-dashboard.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/default/wireguard.json\"\n \ncurl -skf\
- \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/fluxcd/flux2/main/manifests/monitoring/monitoring-config/dashboards/cluster.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/flux/flux-cluster.json\"\n \ncurl -skf\
- \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/fluxcd/flux2/main/manifests/monitoring/monitoring-config/dashboards/control-plane.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/flux/flux-control-plane.json\"\n \n\
- curl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-api-server.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-api-server.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-coredns.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-coredns.json\"\n\
- \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-global.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-global.json\"\n\
- \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-namespaces.json\"\
- \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
- ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-namespaces.json\"\
- \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
- \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-nodes.json\"\
[Diff truncated by flux-local]
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-default
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-default
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-default
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: default
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-flux
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-flux
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-flux
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: flux
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-kubernetes
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-kubernetes
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-kubernetes
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: kubernetes
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-nginx
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-nginx
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-nginx
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: nginx
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-proxmox
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-proxmox
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-proxmox
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: proxmox
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-unifi
+++ kubernetes HelmRelease: monitoring/grafana ConfigMap: monitoring/grafana-dashboards-unifi
@@ -1,14 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: grafana-dashboards-unifi
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- dashboard-provider: unifi
- grafana_dashboard: ''
-data: {}
-
--- kubernetes HelmRelease: monitoring/grafana ClusterRole: monitoring/grafana-clusterrole
+++ kubernetes HelmRelease: monitoring/grafana ClusterRole: monitoring/grafana-clusterrole
@@ -1,20 +0,0 @@
----
-kind: ClusterRole
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- name: grafana-clusterrole
-rules:
-- apiGroups:
- - ''
- resources:
- - configmaps
- - secrets
- verbs:
- - get
- - watch
- - list
-
--- kubernetes HelmRelease: monitoring/grafana ClusterRoleBinding: monitoring/grafana-clusterrolebinding
+++ kubernetes HelmRelease: monitoring/grafana ClusterRoleBinding: monitoring/grafana-clusterrolebinding
@@ -1,18 +0,0 @@
----
-kind: ClusterRoleBinding
-apiVersion: rbac.authorization.k8s.io/v1
-metadata:
- name: grafana-clusterrolebinding
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-subjects:
-- kind: ServiceAccount
- name: grafana
- namespace: monitoring
-roleRef:
- kind: ClusterRole
- name: grafana-clusterrole
- apiGroup: rbac.authorization.k8s.io
-
--- kubernetes HelmRelease: monitoring/grafana Role: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana Role: monitoring/grafana
@@ -1,12 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-rules: []
-
--- kubernetes HelmRelease: monitoring/grafana RoleBinding: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana RoleBinding: monitoring/grafana
@@ -1,19 +0,0 @@
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: Role
- name: grafana
-subjects:
-- kind: ServiceAccount
- name: grafana
- namespace: monitoring
-
--- kubernetes HelmRelease: monitoring/grafana Service: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana Service: monitoring/grafana
@@ -1,21 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-spec:
- type: ClusterIP
- ports:
- - name: service
- port: 80
- protocol: TCP
- targetPort: 3000
- selector:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
-
--- kubernetes HelmRelease: monitoring/grafana Deployment: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana Deployment: monitoring/grafana
@@ -1,273 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-spec:
- replicas: 1
- revisionHistoryLimit: 10
- selector:
- matchLabels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- strategy:
- type: Recreate
- template:
- metadata:
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- annotations:
- checksum/dashboards-json-config: 90ec6bc4f1f8897e79dd59c400ec0e5b965abcdd98fed40754b2afe68297345d
- checksum/sc-dashboard-provider-config: c942752180ddff51a3ab63b7d256cf3d856d90757b6f804cbc420562989d5a84
- kubectl.kubernetes.io/default-container: grafana
- spec:
- serviceAccountName: grafana
- automountServiceAccountToken: true
- securityContext:
- fsGroup: 472
- runAsGroup: 472
- runAsNonRoot: true
- runAsUser: 472
- initContainers:
- - name: init-chown-data
- image: docker.io/library/busybox:1.31.1
- imagePullPolicy: IfNotPresent
- securityContext:
- capabilities:
- add:
- - CHOWN
- runAsNonRoot: false
- runAsUser: 0
- seccompProfile:
- type: RuntimeDefault
- command:
- - chown
- - -R
- - 472:472
- - /var/lib/grafana
- volumeMounts:
- - name: storage
- mountPath: /var/lib/grafana
- - name: download-dashboards
- image: docker.io/curlimages/curl:7.85.0
- imagePullPolicy: IfNotPresent
- command:
- - /bin/sh
- args:
- - -c
- - mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh
- env: null
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - name: config
- mountPath: /etc/grafana/download_dashboards.sh
- subPath: download_dashboards.sh
- - name: storage
- mountPath: /var/lib/grafana
- enableServiceLinks: true
- containers:
- - name: grafana-sc-dashboard
- image: quay.io/kiwigrid/k8s-sidecar:1.25.2
- imagePullPolicy: IfNotPresent
- env:
- - name: METHOD
- value: WATCH
- - name: LABEL
- value: grafana_dashboard
- - name: FOLDER
- value: /tmp/dashboards
- - name: RESOURCE
- value: both
- - name: NAMESPACE
- value: ALL
- - name: FOLDER_ANNOTATION
- value: grafana_folder
- - name: REQ_USERNAME
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-user
- - name: REQ_PASSWORD
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-password
- - name: REQ_URL
- value: http://localhost:3000/api/admin/provisioning/dashboards/reload
- - name: REQ_METHOD
- value: POST
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - name: sc-dashboard-volume
- mountPath: /tmp/dashboards
- - name: grafana-sc-datasources
- image: quay.io/kiwigrid/k8s-sidecar:1.25.2
- imagePullPolicy: IfNotPresent
- env:
- - name: METHOD
- value: WATCH
- - name: LABEL
- value: grafana_datasource
- - name: FOLDER
- value: /etc/grafana/provisioning/datasources
- - name: RESOURCE
- value: both
- - name: NAMESPACE
- value: ALL
- - name: REQ_USERNAME
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-user
- - name: REQ_PASSWORD
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-password
- - name: REQ_URL
- value: http://localhost:3000/api/admin/provisioning/datasources/reload
- - name: REQ_METHOD
- value: POST
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - name: sc-datasources-volume
- mountPath: /etc/grafana/provisioning/datasources
- - name: grafana
- image: docker.io/grafana/grafana:10.2.2
- imagePullPolicy: IfNotPresent
- securityContext:
- allowPrivilegeEscalation: false
- capabilities:
- drop:
- - ALL
- seccompProfile:
- type: RuntimeDefault
- volumeMounts:
- - name: config
- mountPath: /etc/grafana/grafana.ini
- subPath: grafana.ini
- - name: storage
- mountPath: /var/lib/grafana
- - name: config
- mountPath: /etc/grafana/provisioning/datasources/datasources.yaml
- subPath: datasources.yaml
- - name: config
- mountPath: /etc/grafana/provisioning/dashboards/dashboardproviders.yaml
- subPath: dashboardproviders.yaml
- - name: sc-dashboard-volume
- mountPath: /tmp/dashboards
- - name: sc-dashboard-provider
- mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
- subPath: provider.yaml
- - name: sc-datasources-volume
- mountPath: /etc/grafana/provisioning/datasources
- ports:
- - name: grafana
- containerPort: 3000
- protocol: TCP
- - name: gossip-tcp
- containerPort: 9094
- protocol: TCP
- - name: gossip-udp
- containerPort: 9094
- protocol: UDP
- env:
- - name: POD_IP
- valueFrom:
- fieldRef:
- fieldPath: status.podIP
- - name: GF_SECURITY_ADMIN_USER
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-user
- - name: GF_SECURITY_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- name: grafana-admin-secret
- key: admin-password
- - name: GF_INSTALL_PLUGINS
- valueFrom:
- configMapKeyRef:
- name: grafana
- key: plugins
- - name: GF_PATHS_DATA
- value: /var/lib/grafana/
- - name: GF_PATHS_LOGS
- value: /var/log/grafana
- - name: GF_PATHS_PLUGINS
- value: /var/lib/grafana/plugins
- - name: GF_PATHS_PROVISIONING
- value: /etc/grafana/provisioning
- - name: GF_EXPLORE_ENABLED
- value: 'true'
- - name: GF_SERVER_ROOT_URL
- value: https://grafana.18b.haus
- livenessProbe:
- failureThreshold: 10
- httpGet:
- path: /api/health
- port: 3000
- initialDelaySeconds: 60
- timeoutSeconds: 30
- readinessProbe:
- httpGet:
- path: /api/health
- port: 3000
- volumes:
- - name: config
- configMap:
- name: grafana
- - name: dashboards-default
- configMap:
- name: grafana-dashboards-default
- - name: dashboards-flux
- configMap:
- name: grafana-dashboards-flux
- - name: dashboards-kubernetes
- configMap:
- name: grafana-dashboards-kubernetes
- - name: dashboards-nginx
- configMap:
- name: grafana-dashboards-nginx
- - name: dashboards-proxmox
- configMap:
- name: grafana-dashboards-proxmox
- - name: dashboards-unifi
- configMap:
- name: grafana-dashboards-unifi
- - name: storage
- persistentVolumeClaim:
- claimName: grafana
- - name: sc-dashboard-volume
- emptyDir: {}
- - name: sc-dashboard-provider
- configMap:
- name: grafana-config-dashboards
- - name: sc-datasources-volume
- emptyDir: {}
-
--- kubernetes HelmRelease: monitoring/grafana Ingress: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana Ingress: monitoring/grafana
@@ -1,29 +0,0 @@
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
- annotations:
- hajimari.io/icon: simple-icons:grafana
-spec:
- ingressClassName: internal
- tls:
- - hosts:
- - grafana.18b.haus
- rules:
- - host: grafana.18b.haus
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: grafana
- port:
- number: 80
-
--- kubernetes HelmRelease: monitoring/grafana ServiceMonitor: monitoring/grafana
+++ kubernetes HelmRelease: monitoring/grafana ServiceMonitor: monitoring/grafana
@@ -1,27 +0,0 @@
----
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
- name: grafana
- namespace: monitoring
- labels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- app.kubernetes.io/managed-by: Helm
-spec:
- endpoints:
- - port: service
- interval: 30s
- scrapeTimeout: 30s
- honorLabels: true
- path: /metrics
- scheme: http
- jobLabel: grafana
- selector:
- matchLabels:
- app.kubernetes.io/name: grafana
- app.kubernetes.io/instance: grafana
- namespaceSelector:
- matchNames:
- - monitoring
-
--- kubernetes HelmRelease: default/grafana ServiceAccount: default/grafana
+++ kubernetes HelmRelease: default/grafana ServiceAccount: default/grafana
@@ -0,0 +1,11 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ name: grafana
+ namespace: default
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-config-dashboards
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-config-dashboards
@@ -0,0 +1,24 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ name: grafana-config-dashboards
+ namespace: default
+data:
+ provider.yaml: |-
+ apiVersion: 1
+ providers:
+ - name: 'sidecarProvider'
+ orgId: 1
+ type: file
+ disableDeletion: true
+ allowUiUpdates: false
+ updateIntervalSeconds: 30
+ options:
+ foldersFromFilesStructure: true
+ path: /tmp/dashboards
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana
@@ -0,0 +1,200 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+data:
+ plugins: grafana-clock-panel,grafana-piechart-panel,grafana-worldmap-panel
+ grafana.ini: |
+ [analytics]
+ check_for_plugin_updates = false
+ check_for_updates = false
+ reporting_enabled = false
+ [grafana_net]
+ url = https://grafana.net
+ [log]
+ mode = console
+ [paths]
+ data = /var/lib/grafana/
+ logs = /var/log/grafana
+ plugins = /var/lib/grafana/plugins
+ provisioning = /etc/grafana/provisioning
+ [server]
+ domain = grafana.18b.haus
+ datasources.yaml: |
+ apiVersion: 1
+ datasources:
+ - access: proxy
+ isDefault: true
+ jsonData:
+ prometheusType: Prometheus
+ name: Prometheus
+ type: prometheus
+ uid: prometheus
+ url: http://kube-prometheus-stack-prometheus.monitoring.svc.cluster.local:9090
+ deleteDatasources:
+ - name: Prometheus
+ orgId: 1
+ dashboardproviders.yaml: |
+ apiVersion: 1
+ providers:
+ - disableDeletion: false
+ editable: true
+ folder: ""
+ name: default
+ options:
+ path: /var/lib/grafana/dashboards/default
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Flux
+ name: flux
+ options:
+ path: /var/lib/grafana/dashboards/flux
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Homelab
+ name: homelab
+ options:
+ path: /var/lib/grafana/dashboards/homelab
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Kubernetes
+ name: kubernetes
+ options:
+ path: /var/lib/grafana/dashboards/kubernetes
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Nginx
+ name: nginx
+ options:
+ path: /var/lib/grafana/dashboards/nginx
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Unifi
+ name: unifi
+ options:
+ path: /var/lib/grafana/dashboards/unifi
+ orgId: 1
+ type: file
+ - disableDeletion: false
+ editable: true
+ folder: Proxmox
+ name: proxmox
+ options:
+ path: /var/lib/grafana/dashboards/proxmox
+ orgId: 1
+ type: file
+ download_dashboards.sh: "#!/usr/bin/env sh\nset -euf\nmkdir -p /var/lib/grafana/dashboards/default\n\
+ mkdir -p /var/lib/grafana/dashboards/flux\nmkdir -p /var/lib/grafana/dashboards/homelab\n\
+ mkdir -p /var/lib/grafana/dashboards/kubernetes\nmkdir -p /var/lib/grafana/dashboards/nginx\n\
+ mkdir -p /var/lib/grafana/dashboards/unifi\nmkdir -p /var/lib/grafana/dashboards/proxmox\n\
+ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/cert-manager/dashboards/cert-manager.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/default/cert-manager.json\"\n \ncurl\
+ \ -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/17457/revisions/6/download\"\
+ \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/cloudflared.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/cloudnative-pg/cloudnative-pg/main/docs/src/samples/monitoring/grafana-dashboard.json\"\
+ \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/cloudnative-pg.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/15038/revisions/3/download\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/default/external-dns.json\"\n \ncurl\
+ \ -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/16888/revisions/8/download\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/default/longhorn.json\"\n \ncurl -skf\
+ \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/13502/revisions/24/download\"\
+ \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/minio.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/4260/revisions/11/download\"\
+ \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/node-exporter-freebsd.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/1860/revisions/33/download\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/default/node-exporter-full.json\"\n \
+ \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://grafana.com/api/dashboards/13665/revisions/4/download\"\
+ \ \\\n | sed '/-- .* --/! s/${DS_PROMETHEUS}/Prometheus/g' \\\n> \"/var/lib/grafana/dashboards/default/speedtest-exporter.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/tuladhar/wireguard-connectivity-monitoring/main/wireguard-grafana-dashboard.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/default/wireguard.json\"\n \ncurl -skf\
+ \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/fluxcd/flux2/main/manifests/monitoring/monitoring-config/dashboards/cluster.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/flux/flux-cluster.json\"\n \ncurl -skf\
+ \ \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/fluxcd/flux2/main/manifests/monitoring/monitoring-config/dashboards/control-plane.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/flux/flux-control-plane.json\"\n \n\
+ curl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-api-server.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-api-server.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-system-coredns.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-coredns.json\"\n\
+ \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-global.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-global.json\"\n\
+ \ \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-namespaces.json\"\
+ \ \\\n | sed '/-- .* --/! s/\"datasource\":.*,/\"datasource\": \"Prometheus\"\
+ ,/g' \\\n> \"/var/lib/grafana/dashboards/kubernetes/kubernetes-namespaces.json\"\
+ \n \ncurl -skf \\\n--connect-timeout 60 \\\n--max-time 60 \\\n-H \"Accept: application/json\"\
+ \ \\\n-H \"Content-Type: application/json;charset=UTF-8\" \\\n \"https://raw.githubusercontent.com/dotdc/grafana-dashboards-kubernetes/master/dashboards/k8s-views-nodes.json\"\
[Diff truncated by flux-local]
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-default
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-default
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-default
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: default
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-flux
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-flux
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-flux
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: flux
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-kubernetes
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-kubernetes
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-kubernetes
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: kubernetes
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-nginx
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-nginx
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-nginx
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: nginx
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-proxmox
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-proxmox
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-proxmox
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: proxmox
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-unifi
+++ kubernetes HelmRelease: default/grafana ConfigMap: default/grafana-dashboards-unifi
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: grafana-dashboards-unifi
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ dashboard-provider: unifi
+ grafana_dashboard: ''
+data: {}
+
--- kubernetes HelmRelease: default/grafana ClusterRole: default/grafana-clusterrole
+++ kubernetes HelmRelease: default/grafana ClusterRole: default/grafana-clusterrole
@@ -0,0 +1,20 @@
+---
+kind: ClusterRole
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ name: grafana-clusterrole
+rules:
+- apiGroups:
+ - ''
+ resources:
+ - configmaps
+ - secrets
+ verbs:
+ - get
+ - watch
+ - list
+
--- kubernetes HelmRelease: default/grafana ClusterRoleBinding: default/grafana-clusterrolebinding
+++ kubernetes HelmRelease: default/grafana ClusterRoleBinding: default/grafana-clusterrolebinding
@@ -0,0 +1,18 @@
+---
+kind: ClusterRoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+ name: grafana-clusterrolebinding
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+subjects:
+- kind: ServiceAccount
+ name: grafana
+ namespace: default
+roleRef:
+ kind: ClusterRole
+ name: grafana-clusterrole
+ apiGroup: rbac.authorization.k8s.io
+
--- kubernetes HelmRelease: default/grafana Role: default/grafana
+++ kubernetes HelmRelease: default/grafana Role: default/grafana
@@ -0,0 +1,12 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+rules: []
+
--- kubernetes HelmRelease: default/grafana RoleBinding: default/grafana
+++ kubernetes HelmRelease: default/grafana RoleBinding: default/grafana
@@ -0,0 +1,19 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: grafana
+subjects:
+- kind: ServiceAccount
+ name: grafana
+ namespace: default
+
--- kubernetes HelmRelease: default/grafana Service: default/grafana
+++ kubernetes HelmRelease: default/grafana Service: default/grafana
@@ -0,0 +1,21 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+spec:
+ type: ClusterIP
+ ports:
+ - name: service
+ port: 80
+ protocol: TCP
+ targetPort: 3000
+ selector:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+
--- kubernetes HelmRelease: default/grafana Deployment: default/grafana
+++ kubernetes HelmRelease: default/grafana Deployment: default/grafana
@@ -0,0 +1,273 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+spec:
+ replicas: 1
+ revisionHistoryLimit: 10
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ annotations:
+ checksum/dashboards-json-config: acd0f9567233bf7fb7400439a8c96eda7d54f17a5aa0d48d3bed88947750a3ff
+ checksum/sc-dashboard-provider-config: c942752180ddff51a3ab63b7d256cf3d856d90757b6f804cbc420562989d5a84
+ kubectl.kubernetes.io/default-container: grafana
+ spec:
+ serviceAccountName: grafana
+ automountServiceAccountToken: true
+ securityContext:
+ fsGroup: 472
+ runAsGroup: 472
+ runAsNonRoot: true
+ runAsUser: 472
+ initContainers:
+ - name: init-chown-data
+ image: docker.io/library/busybox:1.31.1
+ imagePullPolicy: IfNotPresent
+ securityContext:
+ capabilities:
+ add:
+ - CHOWN
+ runAsNonRoot: false
+ runAsUser: 0
+ seccompProfile:
+ type: RuntimeDefault
+ command:
+ - chown
+ - -R
+ - 472:472
+ - /var/lib/grafana
+ volumeMounts:
+ - name: storage
+ mountPath: /var/lib/grafana
+ - name: download-dashboards
+ image: docker.io/curlimages/curl:7.85.0
+ imagePullPolicy: IfNotPresent
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - mkdir -p /var/lib/grafana/dashboards/default && /bin/sh -x /etc/grafana/download_dashboards.sh
+ env: null
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - name: config
+ mountPath: /etc/grafana/download_dashboards.sh
+ subPath: download_dashboards.sh
+ - name: storage
+ mountPath: /var/lib/grafana
+ enableServiceLinks: true
+ containers:
+ - name: grafana-sc-dashboard
+ image: quay.io/kiwigrid/k8s-sidecar:1.25.2
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: METHOD
+ value: WATCH
+ - name: LABEL
+ value: grafana_dashboard
+ - name: FOLDER
+ value: /tmp/dashboards
+ - name: RESOURCE
+ value: both
+ - name: NAMESPACE
+ value: ALL
+ - name: FOLDER_ANNOTATION
+ value: grafana_folder
+ - name: REQ_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-user
+ - name: REQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-password
+ - name: REQ_URL
+ value: http://localhost:3000/api/admin/provisioning/dashboards/reload
+ - name: REQ_METHOD
+ value: POST
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - name: sc-dashboard-volume
+ mountPath: /tmp/dashboards
+ - name: grafana-sc-datasources
+ image: quay.io/kiwigrid/k8s-sidecar:1.25.2
+ imagePullPolicy: IfNotPresent
+ env:
+ - name: METHOD
+ value: WATCH
+ - name: LABEL
+ value: grafana_datasource
+ - name: FOLDER
+ value: /etc/grafana/provisioning/datasources
+ - name: RESOURCE
+ value: both
+ - name: NAMESPACE
+ value: ALL
+ - name: REQ_USERNAME
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-user
+ - name: REQ_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-password
+ - name: REQ_URL
+ value: http://localhost:3000/api/admin/provisioning/datasources/reload
+ - name: REQ_METHOD
+ value: POST
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - name: sc-datasources-volume
+ mountPath: /etc/grafana/provisioning/datasources
+ - name: grafana
+ image: docker.io/grafana/grafana:10.2.2
+ imagePullPolicy: IfNotPresent
+ securityContext:
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop:
+ - ALL
+ seccompProfile:
+ type: RuntimeDefault
+ volumeMounts:
+ - name: config
+ mountPath: /etc/grafana/grafana.ini
+ subPath: grafana.ini
+ - name: storage
+ mountPath: /var/lib/grafana
+ - name: config
+ mountPath: /etc/grafana/provisioning/datasources/datasources.yaml
+ subPath: datasources.yaml
+ - name: config
+ mountPath: /etc/grafana/provisioning/dashboards/dashboardproviders.yaml
+ subPath: dashboardproviders.yaml
+ - name: sc-dashboard-volume
+ mountPath: /tmp/dashboards
+ - name: sc-dashboard-provider
+ mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
+ subPath: provider.yaml
+ - name: sc-datasources-volume
+ mountPath: /etc/grafana/provisioning/datasources
+ ports:
+ - name: grafana
+ containerPort: 3000
+ protocol: TCP
+ - name: gossip-tcp
+ containerPort: 9094
+ protocol: TCP
+ - name: gossip-udp
+ containerPort: 9094
+ protocol: UDP
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ - name: GF_SECURITY_ADMIN_USER
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-user
+ - name: GF_SECURITY_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: grafana-admin-secret
+ key: admin-password
+ - name: GF_INSTALL_PLUGINS
+ valueFrom:
+ configMapKeyRef:
+ name: grafana
+ key: plugins
+ - name: GF_PATHS_DATA
+ value: /var/lib/grafana/
+ - name: GF_PATHS_LOGS
+ value: /var/log/grafana
+ - name: GF_PATHS_PLUGINS
+ value: /var/lib/grafana/plugins
+ - name: GF_PATHS_PROVISIONING
+ value: /etc/grafana/provisioning
+ - name: GF_EXPLORE_ENABLED
+ value: 'true'
+ - name: GF_SERVER_ROOT_URL
+ value: https://grafana.18b.haus
+ livenessProbe:
+ failureThreshold: 10
+ httpGet:
+ path: /api/health
+ port: 3000
+ initialDelaySeconds: 60
+ timeoutSeconds: 30
+ readinessProbe:
+ httpGet:
+ path: /api/health
+ port: 3000
+ volumes:
+ - name: config
+ configMap:
+ name: grafana
+ - name: dashboards-default
+ configMap:
+ name: grafana-dashboards-default
+ - name: dashboards-flux
+ configMap:
+ name: grafana-dashboards-flux
+ - name: dashboards-kubernetes
+ configMap:
+ name: grafana-dashboards-kubernetes
+ - name: dashboards-nginx
+ configMap:
+ name: grafana-dashboards-nginx
+ - name: dashboards-proxmox
+ configMap:
+ name: grafana-dashboards-proxmox
+ - name: dashboards-unifi
+ configMap:
+ name: grafana-dashboards-unifi
+ - name: storage
+ persistentVolumeClaim:
+ claimName: grafana
+ - name: sc-dashboard-volume
+ emptyDir: {}
+ - name: sc-dashboard-provider
+ configMap:
+ name: grafana-config-dashboards
+ - name: sc-datasources-volume
+ emptyDir: {}
+
--- kubernetes HelmRelease: default/grafana Ingress: default/grafana
+++ kubernetes HelmRelease: default/grafana Ingress: default/grafana
@@ -0,0 +1,29 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+ annotations:
+ hajimari.io/icon: simple-icons:grafana
+spec:
+ ingressClassName: internal
+ tls:
+ - hosts:
+ - grafana.18b.haus
+ rules:
+ - host: grafana.18b.haus
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: grafana
+ port:
+ number: 80
+
--- kubernetes HelmRelease: default/grafana ServiceMonitor: default/grafana
+++ kubernetes HelmRelease: default/grafana ServiceMonitor: default/grafana
@@ -0,0 +1,27 @@
+---
+apiVersion: monitoring.coreos.com/v1
+kind: ServiceMonitor
+metadata:
+ name: grafana
+ namespace: default
+ labels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ app.kubernetes.io/managed-by: Helm
+spec:
+ endpoints:
+ - port: service
+ interval: 30s
+ scrapeTimeout: 30s
+ honorLabels: true
+ path: /metrics
+ scheme: http
+ jobLabel: grafana
+ selector:
+ matchLabels:
+ app.kubernetes.io/name: grafana
+ app.kubernetes.io/instance: grafana
+ namespaceSelector:
+ matchNames:
+ - default
+ |
--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/home-assistant
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/home-assistant
@@ -17,12 +17,15 @@
name: sops-age
dependsOn:
- name: cloudnative-pg-cluster
interval: 30m
path: ./kubernetes/apps/default/home-assistant/app
postBuild:
+ substitute:
+ APP: home-assistant
+ VOLSYNC_CAPACITY: 5Gi
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets
prune: true
--- kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/grafana
+++ kubernetes/apps Kustomization: flux-system/cluster-apps Kustomization: flux-system/grafana
@@ -14,12 +14,20 @@
name: sops-age
dependsOn:
- name: volsync
interval: 30m
path: ./kubernetes/apps/monitoring/grafana/app
postBuild:
+ substitute:
+ APP: grafana
+ VOLSYNC_CAPACITY: 1Gi
+ VOLSYNC_MOVER_FS_GROUP: '472'
+ VOLSYNC_MOVER_GROUP: '472'
+ VOLSYNC_MOVER_USER: '472'
+ VOLSYNC_SNAPSHOTCLASS: longhorn
+ VOLSYNC_STORAGECLASS: longhorn
substituteFrom:
- kind: ConfigMap
name: cluster-settings
- kind: Secret
name: cluster-secrets
prune: true |
martinohmann
force-pushed
the
volsync-template
branch
3 times, most recently
from
23e05f6 to
49d92de
Compare
This helps to reduce boilerplate a bit.
martinohmann
force-pushed
the
volsync-template
branch
from
49d92de to
92c17c3
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This helps to reduce boilerplate a bit.