diff --git a/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml b/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml index b09020afb..eb6ff0385 100644 --- a/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml +++ b/kubernetes/apps/monitoring/grafana/app/helmrelease.yaml @@ -4,20 +4,17 @@ apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: grafana - namespace: monitoring spec: interval: 30m chart: spec: chart: grafana - version: 7.3.2 + version: 7.3.1 sourceRef: kind: HelmRepository name: grafana namespace: flux-system - maxHistory: 2 install: - createNamespace: true remediation: retries: 3 upgrade: @@ -36,12 +33,15 @@ spec: GF_AUTH_GENERIC_OAUTH_AUTH_URL: https://auth.${SECRET_CLUSTER_DOMAIN}/api/oidc/authorization GF_AUTH_GENERIC_OAUTH_CLIENT_ID: grafana GF_AUTH_GENERIC_OAUTH_TOKEN_URL: https://auth.${SECRET_CLUSTER_DOMAIN}/api/oidc/token + GF_DATE_FORMATS_USE_BROWSER_LOCALE: true GF_EXPLORE_ENABLED: true GF_PANELS_DISABLE_SANITIZE_HTML: true GF_LOG_FILTERS: rendering:debug + GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS: natel-discrete-panel,pr0ps-trackmap-panel,panodata-map-panel GF_DATE_FORMATS_FULL_DATE: "DD.MM.YYYY hh:mm:ss" GF_SECURITY_ALLOW_EMBEDDING: true GF_SECURITY_COOKIE_SAMESITE: grafana + GF_SERVER_ROOT_URL: https://grafana.${SECRET_CLUSTER_DOMAIN} envFromSecrets: - name: grafana-secret grafana.ini: 
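Review bot: `GF_PLUGINS_ALLOW_LOADING_UNSIGNED_PLUGINS` in the `@@ -36,12 +33,15 @@` hunk exempts three plugins from Grafana's signature check, and the list does not match what is installed. `panodata-map-panel` is allow-listed here but absent from the `plugins:` list in the later hunk, while `vonage-status-panel` is installed there without an exemption and will not load if it is unsigned. Keep the exemption to plugins that are both installed and known to be unsigned, and record the reason in a comment such as `# unsigned community panels; drop once a signed release exists`. The same env block already carries `GF_PANELS_DISABLE_SANITIZE_HTML: true` and `GF_SECURITY_ALLOW_EMBEDDING: true`, so each further relaxation deserves a stated justification. Separately, `GF_SECURITY_COOKIE_SAMESITE: grafana` on the context line is not one of the values Grafana documents (`lax`, `strict`, `none`, `disabled`) and looks like a paste error.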
@@ -64,43 +64,88 @@ spec: name_attribute_path: name use_pkce: true auth.generic_oauth.group_mapping: - role_attribute_path: | - contains(groups[*], 'admins') && 'Admin' || contains(groups[*], 'users') && 'Viewer' org_id: 1 + role_attribute_path: | + contains(groups[*], 'admins') && 'Admin' || contains(groups[*], 'people') && 'Viewer' auth.basic: enabled: false auth.anonymous: - enabled: true - org_name: HomeOps - org_id: 1 - org_role: Viewer - server: - root_url: "https://grafana.${SECRET_CLUSTER_DOMAIN}" - paths: - data: /var/lib/grafana/data - logs: /var/log/grafana - plugins: /var/lib/grafana/plugins - provisioning: /etc/grafana/provisioning - log: - mode: console - grafana_net: - url: https://grafana.net + enabled: false + # org_id: 1 + # org_role: Viewer + news: + news_feed_enabled: false dashboardProviders: dashboardproviders.yaml: apiVersion: 1 providers: - - name: "default" + - name: default orgId: 1 folder: "" type: file disableDeletion: false editable: true options: - path: /var/lib/grafana/dashboards/default + path: /var/lib/grafana/dashboards/default-folder + - name: ceph + orgId: 1 + folder: Ceph + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/ceph-folder + - name: flux + orgId: 1 + folder: Flux + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/flux-folder + - name: kubernetes + orgId: 1 + folder: Kubernetes + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/kubernetes-folder + - name: nginx + orgId: 1 + folder: Nginx + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/nginx-folder + - name: prometheus + orgId: 1 + folder: Prometheus + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/prometheus-folder + - name: thanos + orgId: 1 + folder: Thanos + type: file + disableDeletion: false + editable: true 
+ options: + path: /var/lib/grafana/dashboards/thanos-folder + - name: unifi + orgId: 1 + folder: Unifi + type: file + disableDeletion: false + editable: true + options: + path: /var/lib/grafana/dashboards/unifi-folder datasources: datasources.yaml: apiVersion: 1 - # list of datasources that should be deleted from the database deleteDatasources: - { name: Alertmanager, orgId: 1 } - { name: Loki, orgId: 1 } @@ -108,11 +153,13 @@ spec: datasources: - name: Prometheus type: prometheus + uid: prometheus access: proxy url: http://thanos-query-frontend.monitoring.svc.cluster.local.:9090 isDefault: true - name: Loki type: loki + uid: loki access: proxy url: http://loki-gateway.monitoring.svc.cluster.local.:80 - name: Alertmanager 
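Review bot: The `role_attribute_path` expression in the `@@ -64,43 +64,88 @@` hunk has no fallback, so a user in neither `admins` nor `people` produces no valid role. Unless strict mode is on, Grafana then assigns its default auto-assign role instead of refusing the login. Since this change disables `auth.anonymous` to close off unauthenticated viewing, add `role_attribute_strict: true` to the `auth.generic_oauth` section (its header lies above the hunk) so unmapped accounts are rejected. It is also worth confirming that Grafana reads `role_attribute_path` from an `auth.generic_oauth.group_mapping` subsection at all; the documented location is `[auth.generic_oauth]`, and if this key is ignored every OAuth user gets the default role. The commented-out `# org_id: 1` and `# org_role: Viewer` lines under `auth.anonymous` can be deleted rather than kept as dead configuration.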
@@ -133,23 +180,179 @@ spec: truenas: url: https://raw.githubusercontent.com/auricom/home-ops/main/kubernetes/apps/monitoring/grafana/dashboards/truenas.json datasource: Prometheus + external-dns: + # renovate: depName="External-dns" + gnetId: 15038 + revision: 3 + datasource: Prometheus + node-exporter-full: + # renovate: depName="Node Exporter Full" + gnetId: 1860 + revision: 33 + datasource: Prometheus + redis: + # renovate: depName="Redis Dashboard for Prometheus Redis Exporter 1.x" + gnetId: 763 + revision: 6 + datasource: + - { name: DS_PROMETHEUS, value: Prometheus } + spegel: + # renovate: depName="Spegel" + gnetId: 18089 + revision: 1 + datasource: + - { name: DS_PROMETHEUS, value: Prometheus } + cert-manager: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/cert-manager/dashboards/cert-manager.json + datasource: Prometheus + external-secrets: + url: https://raw.githubusercontent.com/external-secrets/external-secrets/main/docs/snippets/dashboard.json + datasource: Prometheus + node-feature-discovery: + url: https://raw.githubusercontent.com/kubernetes-sigs/node-feature-discovery/master/examples/grafana-dashboard.json + datasource: Prometheus + ceph: + ceph-cluster: + # renovate: depName="Ceph Cluster" + gnetId: 2842 + revision: 17 + datasource: Prometheus + ceph-osd: + # renovate: depName="Ceph - OSD (Single)" + gnetId: 5336 + revision: 9 + datasource: Prometheus + ceph-pools: + # renovate: depName="Ceph - Pools" + gnetId: 5342 + revision: 9 + datasource: Prometheus + flux: + flux-cluster: + url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/cluster.json + datasource: Prometheus + flux-control-plane: + url: https://raw.githubusercontent.com/fluxcd/flux2-monitoring-example/main/monitoring/configs/dashboards/control-plane.json + datasource: Prometheus + kubernetes: + kubernetes-api-server: + # renovate: depName="Kubernetes / System / API Server" + gnetId: 15761 + revision: 
16 + datasource: Prometheus + kubernetes-coredns: + # renovate: depName="Kubernetes / System / CoreDNS" + gnetId: 15762 + revision: 17 + datasource: Prometheus + kubernetes-global: + # renovate: depName="Kubernetes / Views / Global" + gnetId: 15757 + revision: 37 + datasource: Prometheus + kubernetes-namespaces: + # renovate: depName="Kubernetes / Views / Namespaces" + gnetId: 15758 + revision: 34 + datasource: Prometheus + kubernetes-nodes: + # renovate: depName="Kubernetes / Views / Nodes" + gnetId: 15759 + revision: 29 + datasource: Prometheus + kubernetes-pods: + # renovate: depName="Kubernetes / Views / Pods" + gNetId: 15760 + revision: 21 + datasource: Prometheus + kubernetes-volumes: + # renovate: depName="K8s / Storage / Volumes / Cluster" + gnetId: 11454 + revision: 14 + datasource: Prometheus + nginx: + nginx: + url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/nginx.json + datasource: Prometheus + nginx-request-handling-performance: + url: https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/grafana/dashboards/request-handling-performance.json + datasource: Prometheus + prometheus: + prometheus: + # renovate: depName="Prometheus" + gnetId: 19105 + revision: 3 + datasource: Prometheus + thanos: + thanos-bucket-replicate: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/bucket-replicate.json + datasource: Prometheus + thanos-compact: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/compact.json + datasource: Prometheus + thanos-overview: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/overview.json + datasource: Prometheus + thanos-query: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query.json + datasource: Prometheus + thanos-query-frontend: + url: 
https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/query-frontend.json + datasource: Prometheus + thanos-receieve: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/receive.json + datasource: Prometheus + thanos-rule: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/rule.json + datasource: Prometheus + thanos-sidecar: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/sidecar.json + datasource: Prometheus + thanos-store: + url: https://raw.githubusercontent.com/monitoring-mixins/website/master/assets/thanos/dashboards/store.json + datasource: Prometheus + unifi: + unifi-insights: + # renovate: depName="UniFi-Poller: Client Insights - Prometheus" + gnetId: 11315 + revision: 9 + datasource: Prometheus + unifi-network-sites: + # renovate: depName="UniFi-Poller: Network Sites - Prometheus" + gnetId: 11311 + revision: 5 + datasource: Prometheus + unifi-uap: + # renovate: depName="UniFi-Poller: UAP Insights - Prometheus" + gnetId: 11314 + revision: 10 + datasource: Prometheus + unifi-usw: + # renovate: depName="UniFi-Poller: USW Insights - Prometheus" + gnetId: 11312 + revision: 9 + datasource: Prometheus sidecar: dashboards: enabled: true searchNamespace: ALL - # folderAnnotation: grafana_folder - # provider: - # foldersFromFilesStructure: true + labelValue: "" + label: grafana_dashboard + folderAnnotation: grafana_folder + provider: + disableDelete: true + foldersFromFilesStructure: true datasources: enabled: true searchNamespace: ALL + labelValue: "" plugins: + - grafana-clock-panel + - grafana-piechart-panel + - grafana-worldmap-panel - natel-discrete-panel - pr0ps-trackmap-panel - - grafana-piechart-panel - vonage-status-panel - - grafana-worldmap-panel - - grafana-clock-panel serviceMonitor: enabled: true ingress: 
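Review bot: `kubernetes-pods` is written with `gNetId: 15760` while every other entry uses `gnetId`; the key is case-sensitive, so this entry most likely ends up with neither a `url` nor a `gnetId` and the dashboard is not fetched, so it should read `gnetId: 15760`. The `url:` dashboards are pulled from `raw.githubusercontent.com` on moving branches (`main`/`master`), so whatever those branches hold at pod start is loaded, and with `GF_PANELS_DISABLE_SANITIZE_HTML: true` in the env block any HTML in an altered dashboard JSON is rendered unsanitized. Pinning each URL to a commit, for example `.../monitoring-mixins/website/<commit-sha>/assets/thanos/dashboards/query.json`, removes that dependency on upstream branch state. The added `labelValue: ""` next to `searchNamespace: ALL` appears to widen the sidecar the same way inside the cluster, accepting a ConfigMap labelled `grafana_dashboard` with any value from any namespace, so a comment stating that this is intended would help. `thanos-receieve` is misspelled and should be `thanos-receive`.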
@@ -164,14 +367,12 @@ spec: - *host persistence: enabled: false - affinity: - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: app.kubernetes.io/name - operator: In - values: ["grafana"] - topologyKey: kubernetes.io/hostname + testFramework: + enabled: false + topologySpreadConstraints: + - maxSkew: 1 + topologyKey: kubernetes.io/hostname + whenUnsatisfiable: DoNotSchedule + labelSelector: + matchLabels: + app.kubernetes.io/name: grafana
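Review bot: `whenUnsatisfiable: DoNotSchedule` turns what was a soft preference (`preferredDuringSchedulingIgnoredDuringExecution`) into a hard rule, so a Grafana pod that cannot satisfy `maxSkew: 1` per hostname stays Pending instead of landing on an already-used node. The replica count is outside the hunk; if losing the dashboard during a node drain is not acceptable, `whenUnsatisfiable: ScheduleAnyway` keeps the previous best-effort behaviour. The selector matches only `app.kubernetes.io/name: grafana`, so adding `app.kubernetes.io/instance: grafana` (assuming the release name defaults to the HelmRelease name) would stop another release of the same chart from counting toward the skew.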