Merge pull request #2863 from catherineluse/grafana

Add docs to persist Grafana dashboards

content/rancher/v2.x/en/monitoring-alerting/v2.5/_index.md

@@ -105,6 +105,8 @@ Rancher allows any users who are authenticated by Kubernetes and have access the
 
 However, users can choose to log in to Grafana as an [Admin](https://grafana.com/docs/grafana/latest/permissions/organization_roles/#admin-role) if necessary. The default Admin username and password for the Grafana instance will be `admin`/`prom-operator`, but alternative credentials can also be supplied on deploying or upgrading the chart.
 
+> **Persistent Dashboards:** To allow the Grafana dashboard to persist after it restarts, add the dashboard configuration JSON into a ConfigMap. ConfigMaps also allow the dashboards to be deployed with a GitOps or CD based approach. This allows the dashboard to be put under version control. For details, refer to [this section.](./persist-grafana)
+
 To see the Grafana UI, install `rancher-monitoring`. Then go to the **Cluster Explorer.** In the top left corner, click **Cluster Explorer > Monitoring.** Then click **Grafana.
 
 <figcaption>Cluster Compute Resources Dashboard in Grafana</figcaption>
@@ -113,8 +115,6 @@ To see the Grafana UI, install `rancher-monitoring`. Then go to the **Cluster Ex
 <figcaption>Default Dashboards in Grafana</figcaption>
 ![Default Dashboards in Grafana]({{<baseurl>}}/img/rancher/grafana-default-dashboard.png)
 
-To allow the Grafana dashboard to persist after it restarts, you will need to add the configuration JSON into a ConfigMap. You can add this configuration to the ConfigMap using the Rancher UI.
-
 ### Prometheus UI
 
 To see the Prometheus UI, install `rancher-monitoring`. Then go to the **Cluster Explorer.** In the top left corner, click **Cluster Explorer > Monitoring.** Then click **Prometheus Graph.**

content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md

@@ -0,0 +1,35 @@
+---
+title: Persistent Grafana Dashboards
+weight: 4
+---
+
+To allow the Grafana dashboard to persist after the Grafana instance restarts, add the dashboard configuration JSON into a ConfigMap. ConfigMaps also allow the dashboards to be deployed with a GitOps or CD based approach. This allows the dashboard to be put under version control.
+
+> **Prerequisites:**
+> 
+> - The monitoring application needs to be installed.
+> - You must have the cluster-admin ClusterRole permission.
+
+1. Open the Grafana dashboard. From the **Cluster Explorer,** click **Cluster Explorer > Monitoring.**
+1. Log in to Grafana. Note: The default Admin username and password for the Grafana instance is `admin/prom-operator`. (Regardless of who has the password, cluster administrator permission in Rancher is still required access the Grafana instance.) Alternative credentials can also be supplied on deploying or upgrading the chart.
+1. Go to the dashboard that you want to persist. In the top navigation menu, go to the dashboard settings by clicking the gear icon.
+1. In the left navigation menu, click **JSON Model.**
+1. Copy the JSON data structure that appears.
+1. Create a ConfigMap in the `cattle-dashboards` namespace. The ConfigMap needs to have the label `grafana_dashboard: "1"`. Paste the JSON into the ConfigMap in the format shown in the example below:
+
+    ```yaml
+    apiVersion: v1
+    kind: ConfigMap
+    metadata:
+      labels:
+    	  grafana_dashboard: "1"
+      name: <dashboard-name>
+      namespace: cattle-dashboards
+    data:
+      <dashboard-name>.json: |-
+        <copied-json>
+	```
+
+**Result:** After the ConfigMap is created, it should show up on the Grafana UI and be persisted even if the Grafana pod is restarted.
+
+Dashboards that are persisted using ConfigMaps cannot be deleted from the Grafana UI. If you attempt to delete the dashboard in the Grafana UI, you will see the error message "Dashboard cannot be deleted because it was provisioned." To delete the dashboard, you will need to delete the ConfigMap.

content/rancher/v2.x/en/monitoring-alerting/v2.5/rbac/_index.md

@@ -49,7 +49,7 @@ Only those with the the cluster-admin / admin / edit `ClusterRole` should be abl
 Only those with who have some k8s `ClusterRole` should be able to:
 
 - View the configuration of Prometheuses that are deployed within the cluster
-- View the configuraiton of Alertmanagers that are deployed within the cluster
+- View the configuration of Alertmanagers that are deployed within the cluster
 - View the scrape configuration of Prometheus deployments via ServiceMonitor and PodMonitor CRs
 - View the alerting / recording rules of a Prometheus deployment via PrometheusRules CRs
 
@@ -96,5 +96,5 @@ If cluster-admins would like to provide additional admin/edit access to users ou
 
 | k8s Resources | Namespace | Can it cause impact outside of a namespace / project? | Impact |
 |----------------------------| ------| ------| ----------------------------|
-| <ul><li>`secrets`</li><li>`configmaps`</li></ul>| `cattle-monitoring-system` | Yes, Configs and Secrets in this namespace can impact the entire monitoring / alerting pipeline. | User will be able to create or edit Secrets / ConfigMaps such as the Alertmanager Config, Prometheus Adapter Config, TLS secrets, additional Grafana datasoruces, etc. This can have broad impact on all cluster monitoring / alerting. |
+| <ul><li>`secrets`</li><li>`configmaps`</li></ul>| `cattle-monitoring-system` | Yes, Configs and Secrets in this namespace can impact the entire monitoring / alerting pipeline. | User will be able to create or edit Secrets / ConfigMaps such as the Alertmanager Config, Prometheus Adapter Config, TLS secrets, additional Grafana datasources, etc. This can have broad impact on all cluster monitoring / alerting. |
 | <ul><li>`secrets`</li><li>`configmaps`</li></ul>| `cattle-dashboards` | Yes, Configs and Secrets in this namespace can create dashboards that make queries on all metrics collected at a cluster-level. | User will be able to create Secrets / ConfigMaps that persist new Grafana Dashboards only. |