From f870e043afa3c18145ce45dc4e5242e23a0ee116 Mon Sep 17 00:00:00 2001 From: cluse Date: Mon, 23 Nov 2020 16:34:46 -0700 Subject: [PATCH 1/2] Add docs to persist Grafana dashboards --- .../en/monitoring-alerting/v2.5/_index.md | 4 +-- .../v2.5/persist-grafana/_index.md | 35 +++++++++++++++++++ .../monitoring-alerting/v2.5/rbac/_index.md | 4 +-- 3 files changed, 39 insertions(+), 4 deletions(-) create mode 100644 content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md diff --git a/content/rancher/v2.x/en/monitoring-alerting/v2.5/_index.md b/content/rancher/v2.x/en/monitoring-alerting/v2.5/_index.md index 451677b3e35..c400373f455 100644 --- a/content/rancher/v2.x/en/monitoring-alerting/v2.5/_index.md +++ b/content/rancher/v2.x/en/monitoring-alerting/v2.5/_index.md @@ -105,6 +105,8 @@ Rancher allows any users who are authenticated by Kubernetes and have access the However, users can choose to log in to Grafana as an [Admin](https://grafana.com/docs/grafana/latest/permissions/organization_roles/#admin-role) if necessary. The default Admin username and password for the Grafana instance will be `admin`/`prom-operator`, but alternative credentials can also be supplied on deploying or upgrading the chart. +> **Persistent Dashboards:** To allow the Grafana dashboard to persist after it restarts, add the dashboard configuration JSON into a ConfigMap. ConfigMaps also allow the dashboards to be deployed with a GitOps or CD based approach. This allows the dashboard to be put under version control. For details, refer to [this section.](./persist-grafana) + To see the Grafana UI, install `rancher-monitoring`. Then go to the **Cluster Explorer.** In the top left corner, click **Cluster Explorer > Monitoring.** Then click **Grafana.
Cluster Compute Resources Dashboard in Grafana
@@ -113,8 +115,6 @@ To see the Grafana UI, install `rancher-monitoring`. Then go to the **Cluster Ex
Default Dashboards in Grafana
![Default Dashboards in Grafana]({{}}/img/rancher/grafana-default-dashboard.png) -To allow the Grafana dashboard to persist after it restarts, you will need to add the configuration JSON into a ConfigMap. You can add this configuration to the ConfigMap using the Rancher UI. - ### Prometheus UI To see the Prometheus UI, install `rancher-monitoring`. Then go to the **Cluster Explorer.** In the top left corner, click **Cluster Explorer > Monitoring.** Then click **Prometheus Graph.** diff --git a/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md b/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md new file mode 100644 index 00000000000..6ecf2b516e5 --- /dev/null +++ b/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md @@ -0,0 +1,35 @@ +--- +title: Persistent Grafana Dashboards +weight: 4 +--- + +To allow the Grafana dashboard to persist after the Grafana instance restarts, add the dashboard configuration JSON into a ConfigMap. ConfigMaps also allow the dashboards to be deployed with a GitOps or CD based approach. This allows the dashboard to be put under version control. + +> **Prerequisites:** +> +> - The monitoring application needs to be installed. +> - You must have the cluster-admin ClusterRole permission. + +1. Open the Grafana dashboard. From the **Cluster Explorer,** click **Cluster Explorer > Monitoring.** +1. Log in to Grafana. Note: The default Admin username and password for the Grafana instance is `admin/prom-operator`. (Regardless of who has the password, cluster administrator permission in Rancher is still required access the Grafana instance.) Alternative credentials can also be supplied on deploying or upgrading the chart. +1. Go to the dashboard that you want to persist. In the top navigation menu, go to the dashboard settings by clicking the gear icon. +1. In the left navigation menu, click **JSON Model.** +1. Copy the JSON data structure that appears. +1. Create a ConfigMap in the `cattle-dashboards` namespace. The ConfigMap needs to have the label `grafana_dashboard: "1"`. Paste the JSON into the ConfigMap in the format shown in the example below: + + ```yaml + apiVersion: v1 + kind: ConfigMap + metadata: + labels: + grafana_dashboard: "1" + name: + namespace: cattle-dashboards + data: + .json: |- + + ``` + +**Result:** After the ConfigMap is created, it should show up on the Grafana UI and be persisted even if the Grafana pod is restarted. + +Dashboards that are persisted using ConfigMaps cannot be deleted from the Grafana UI. If you attempt to delete the dashboard in the Grafana UI, you will see the error message "Dashboard cannot be deleted because it was provisioned." To delete the dashboard, you will need to delete the ConfigMap. diff --git a/content/rancher/v2.x/en/monitoring-alerting/v2.5/rbac/_index.md b/content/rancher/v2.x/en/monitoring-alerting/v2.5/rbac/_index.md index 14d2b1bcb16..df44189e67d 100644 --- a/content/rancher/v2.x/en/monitoring-alerting/v2.5/rbac/_index.md +++ b/content/rancher/v2.x/en/monitoring-alerting/v2.5/rbac/_index.md @@ -49,7 +49,7 @@ Only those with the the cluster-admin / admin / edit `ClusterRole` should be abl Only those with who have some k8s `ClusterRole` should be able to: - View the configuration of Prometheuses that are deployed within the cluster -- View the configuraiton of Alertmanagers that are deployed within the cluster +- View the configuration of Alertmanagers that are deployed within the cluster - View the scrape configuration of Prometheus deployments via ServiceMonitor and PodMonitor CRs - View the alerting / recording rules of a Prometheus deployment via PrometheusRules CRs @@ -96,5 +96,5 @@ If cluster-admins would like to provide additional admin/edit access to users ou | k8s Resources | Namespace | Can it cause impact outside of a namespace / project? | Impact | |----------------------------| ------| ------| ----------------------------| -|
  • `secrets`
  • `configmaps`
| `cattle-monitoring-system` | Yes, Configs and Secrets in this namespace can impact the entire monitoring / alerting pipeline. | User will be able to create or edit Secrets / ConfigMaps such as the Alertmanager Config, Prometheus Adapter Config, TLS secrets, additional Grafana datasoruces, etc. This can have broad impact on all cluster monitoring / alerting. | +|
  • `secrets`
  • `configmaps`
| `cattle-monitoring-system` | Yes, Configs and Secrets in this namespace can impact the entire monitoring / alerting pipeline. | User will be able to create or edit Secrets / ConfigMaps such as the Alertmanager Config, Prometheus Adapter Config, TLS secrets, additional Grafana datasources, etc. This can have broad impact on all cluster monitoring / alerting. | |
  • `secrets`
  • `configmaps`
| `cattle-dashboards` | Yes, Configs and Secrets in this namespace can create dashboards that make queries on all metrics collected at a cluster-level. | User will be able to create Secrets / ConfigMaps that persist new Grafana Dashboards only. | From ea5dc8cda4efaed5e8e5a88c94f1ebdd941cd4c9 Mon Sep 17 00:00:00 2001 From: Catherine Luse Date: Tue, 24 Nov 2020 14:02:27 -0700 Subject: [PATCH 2/2] Fix grafana dashboard ConfigMap label indentation --- .../v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md b/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md index 6ecf2b516e5..78234fd30d2 100644 --- a/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md +++ b/content/rancher/v2.x/en/monitoring-alerting/v2.5/persist-grafana/_index.md @@ -22,7 +22,7 @@ To allow the Grafana dashboard to persist after the Grafana instance restarts, a kind: ConfigMap metadata: labels: - grafana_dashboard: "1" + grafana_dashboard: "1" name: namespace: cattle-dashboards data: