apiVersion: v1 kind: Template labels: template: grafana metadata: annotations: description: |- Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a data driven culture. openshift.io/display-name: Grafana tags: instant-app template.openshift.io/documentation-url: http://docs.grafana.org/ template.openshift.io/long-description: A grafana distribution for OpenShift. template.openshift.io/provider-display-name: Grafana template.openshift.io/support-url: https://grafana.com/enterprise name: grafana parameters: - description: The Docker image to use for the OAuth Proxy. displayName: OAuth Proxy image name: PROXY_IMAGE value: registry.access.redhat.com/openshift3/oauth-proxy:v3.11 required: true - description: The desired hostname of the route to the Grafana service. displayName: Hostname of the Grafana Service name: GRAFANA_HOSTNAME required: false - description: The session secret for the proxy name: SESSION_SECRET generate: expression from: "[a-zA-Z0-9]{43}" required: true - description: The Grafana version to deploy displayName: Grafana version name: GRAFANA_CUSTOM_VERSION value: 5.1.4 required: true - description: The Grafana release to deploy, either 'stable', 'beta', 'master', 'custom' or 'redhat' displayName: Grafana release name: GRAFANA_RELEASE value: master required: true - description: The namespace used to deploy this template displayName: Kubernetes Namespace name: NAMESPACE required: true - description: Volume size for the Grafana DB displayName: Volume Size name: GRAFANA_VOLUME_SIZE value: "1Gi" required: true objects: - apiVersion: v1 kind: PersistentVolumeClaim metadata: name: grafana spec: accessModes: - ReadWriteOnce resources: requests: storage: ${GRAFANA_VOLUME_SIZE} - apiVersion: v1 kind: Secret metadata: name: oauth-proxy namespace: "${NAMESPACE}" stringData: session_secret: "${SESSION_SECRET}=" - apiVersion: v1 kind: ServiceAccount metadata: name: grafana namespace: ${NAMESPACE} annotations: serviceaccounts.openshift.io/oauth-redirectreference.proxy: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"grafana"}}' secrets: - kind: ConfigMap apiVersion: v1 metadata: name: grafana-config namespace: ${NAMESPACE} data: grafana.ini: |- [server] http_addr = 127.0.0.1 [auth] disable_login_form = true disable_signout_menu = true [auth.basic] enabled = false [auth.proxy] enabled = true header_name = X-Forwarded-User [users] auto_assign_org = true auto_assign_org_role = Admin [log] mode = console - kind: ConfigMap apiVersion: v1 metadata: name: grafana-datasources namespace: ${NAMESPACE} data: prometheus.yaml: |- apiVersion: 1 datasources: - name: prometheus type: prometheus access: proxy url: http://prometheus:9090 isDefault: false version: 1 editable: true options: path: '/usr/share/dashboards' - kind: ConfigMap apiVersion: v1 metadata: name: grafana-dashboards namespace: ${NAMESPACE} data: prometheus.yaml: |- apiVersion: 1 providers: - name: 'default' orgId: 1 folder: '' type: file disableDeletion: false updateIntervalSeconds: 300 - apiVersion: v1 kind: ImageStream metadata: labels: build: grafana namespace: ${NAMESPACE} name: grafana spec: dockerImageRepository: docker.io/grafana/grafana tags: - name: stable from: kind: DockerImage name: 'docker.io/grafana/grafana:5.1.4' importPolicy: scheduled: true - name: beta from: kind: DockerImage name: 'docker.io/grafana/grafana:5.2.0-beta3' importPolicy: scheduled: true - name: master from: kind: DockerImage name: 'docker.io/grafana/grafana:master' importPolicy: scheduled: true - name: custom from: kind: DockerImage name: 'docker.io/grafana/grafana:${GRAFANA_CUSTOM_VERSION}' importPolicy: scheduled: true - name: redhat from: kind: DockerImage name: 'registry.access.redhat.com/openshift3/grafana:v3.11' importPolicy: scheduled: true - apiVersion: v1 kind: DeploymentConfig metadata: labels: app: grafana name: grafana namespace: ${NAMESPACE} spec: replicas: 1 selector: app: grafana deploymentconfig: grafana strategy: activeDeadlineSeconds: 21600 resources: {} type: Recreate template: metadata: creationTimestamp: null labels: app: grafana deploymentconfig: grafana spec: containers: - image: " " imagePullPolicy: IfNotPresent name: grafana ports: - containerPort: 3000 protocol: TCP resources: {} securityContext: {} terminationMessagePath: /dev/termination-log volumeMounts: - mountPath: /etc/grafana/ name: grafana-config - mountPath: /var/log/grafana/ name: grafana-logs - mountPath: /var/lib/grafana/ name: grafana-storage - mountPath: /etc/grafana/provisioning/datasources name: grafana-datasources - mountPath: /etc/grafana/provisioning/dashboards name: grafana-dashboards - image: ${PROXY_IMAGE} imagePullPolicy: IfNotPresent name: proxy args: - --provider=openshift - --https-address=:8443 - --http-address= - --upstream=http://localhost:3000 - --openshift-service-account=grafana - '--openshift-sar={"resource": "namespaces", "verb": "get", "resourceName": "${NAMESPACE}", "namespace": "${NAMESPACE}"}' - --tls-cert=/etc/tls/private/tls.crt - --tls-key=/etc/tls/private/tls.key - --client-secret-file=/var/run/secrets/kubernetes.io/serviceaccount/token - --cookie-secret-file=/etc/proxy/secrets/session_secret - --openshift-ca=/etc/pki/tls/cert.pem - --openshift-ca=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt ports: - containerPort: 8443 name: web protocol: TCP resources: {} securityContext: {} terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /etc/tls/private name: tls - mountPath: /etc/proxy/secrets name: secrets dnsPolicy: ClusterFirst terminationGracePeriodSeconds: 30 restartPolicy: Always serviceAccountName: grafana volumes: - name: secrets secret: secretName: oauth-proxy - name: tls secret: secretName: grafana-tls - name: grafana-storage persistentVolumeClaim: claimName: grafana - name: grafana-logs emptyDir: {} - name: grafana-config configMap: name: grafana-config - name: grafana-datasources configMap: name: grafana-datasources - name: grafana-dashboards configMap: name: grafana-dashboards test: false triggers: - type: ConfigChange - type: ImageChange imageChangeParams: automatic: true containerNames: - grafana from: kind: ImageStreamTag name: grafana:${GRAFANA_RELEASE} - apiVersion: v1 kind: Service metadata: labels: app: grafana name: grafana namespace: ${NAMESPACE} annotations: service.alpha.openshift.io/serving-cert-secret-name: grafana-tls spec: ports: - name: oauth-proxy port: 8443 protocol: TCP targetPort: 8443 selector: app: grafana deploymentconfig: grafana sessionAffinity: None type: ClusterIP - apiVersion: v1 kind: Route metadata: labels: app: grafana name: grafana namespace: ${NAMESPACE} spec: host: ${GRAFANA_HOSTNAME} port: targetPort: oauth-proxy to: kind: Service name: grafana weight: 100 wildcardPolicy: None tls: termination: reencrypt