$ export GRAFANA_NS=rfelix-grafana
$ oc project $GRAFANA_NS$ oc get csv -n $GRAFANA_NS
NAME DISPLAY VERSION REPLACES PHASE
grafana-operator.v4.5.1 Grafana Operator 4.5.1 grafana-operator.v4.5.0 Succeededcat > grafana-resource.yaml <<EOL
apiVersion: integreatly.org/v1alpha1
kind: Grafana
metadata:
name: custom-grafana
spec:
client:
preferService: false
timeout: 10
config:
auth:
disable_signout_menu: true
auth.anonymous:
enabled: true
log:
level: warn
mode: console
security:
admin_password: secret
admin_user: root
dashboardLabelSelector:
- matchExpressions:
- key: app
operator: In
values:
- grafana
ingress:
enabled: true
EOLnote: As credenciais de acesso ao usuário root são
rootesecretconforme arquivo acima.
$ oc create -f grafana-resource.yaml -n $GRAFANA_NS
# wait Phase be equals "reconciling"
$ oc describe grafana | grep -A4 Status
Status:
Message: success
Phase: reconciling
Previous Service Name: grafana-service
Events: <none>$ oc get sa -n $GRAFANA_NS
NAME SECRETS AGE
builder 2 17h
default 2 17h
deployer 2 17h
grafana-operator-controller-manager 2 17h
grafana-serviceaccount 2 16h
# docs: https://docs.openshift.com/container-platform/4.10/authentication/using-rbac.html
$ oc adm policy add-cluster-role-to-user cluster-monitoring-view -z grafana-serviceaccount -n $GRAFANA_NS
$ oc adm policy add-cluster-role-to-user cluster-reader -z grafana-serviceaccount -n $GRAFANA_NS
$ oc adm policy add-cluster-role-to-user view -z grafana-serviceaccount -n $GRAFANA_NS
$ oc adm policy add-cluster-role-to-user edit -z grafana-serviceaccount -n $GRAFANA_NS$ oc get svc/thanos-querier -n openshift-monitoring
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
thanos-querier ClusterIP 172.50.233.44 <none> 9091/TCP,9092/TCP,9093/TCP 62d
$ THANOS_URL=$(oc get svc thanos-querier -n openshift-monitoring -o go-template --template='https://{{.metadata.name}}.{{.metadata.namespace}}.svc.cluster.local:9091{{println}}')
oc serviceaccounts get-token grafana-serviceaccount -n $GRAFANA_NS
GRAFANA_TOKEN=$(oc serviceaccounts get-token grafana-serviceaccount -n $GRAFANA_NS)cat > grafana-ds.yaml <<EOL
apiVersion: integreatly.org/v1alpha1
kind: GrafanaDataSource
metadata:
name: thanos
namespace: $GRAFANA_NS
spec:
datasources:
- access: proxy
editable: true
isDefault: true
jsonData:
httpHeaderName1: Authorization
timeInterval: 5s
tlsSkipVerify: true
name: prometheus
secureJsonData:
httpHeaderValue1: >-
Bearer
$GRAFANA_TOKEN
type: prometheus
url: "$THANOS_URL"
name: query
EOL$ oc create -f grafanads-resource.yaml -n $GRAFANA_NS
$ echo $grafana
grafana-route-rfelix-grafana.apps.middleware.rhbr-lab.com
$ curl -sk -u root:secret https://${grafana}/api/datasources | jq '.'
[
{
"id": 1,
"uid": "sbZzGEmVz",
"orgId": 1,
"name": "prometheus",
"type": "prometheus",
"typeName": "Prometheus",
"typeLogoUrl": "public/app/plugins/datasource/prometheus/img/prometheus_logo.svg",
"access": "proxy",
"url": "http://prometheus-operated:9090",
"password": "",
"user": "",
"database": "",
"basicAuth": false,
"isDefault": true,
"jsonData": {
"nodeGraph": {},
"search": {},
"serviceMap": {},
"timeInterval": "5s",
"tlsSkipVerify": true,
"tracesToLogs": {}
},
"readOnly": false
}
]- https://www.redhat.com/en/blog/custom-grafana-dashboards-red-hat-openshift-container-platform-4
- Steps to Reproduce - grafana/grafana-operator#652
- Custom Grafana Dashboard for custom metrics - https://access.redhat.com/solutions/5335491
- https://wikitech.wikimedia.org/wiki/SRE/Observability/Dashboard_guidelines
- https://www.techbeatly.com/install-grafana-operator-on-openshift-container-platform-4/