grafana: Deploy Grafana

Now that Victoria Metrics is hosted in Kubernetes, it only makes sense to host Grafana there as well. I chose to use a single-instance deployment for simplicity; I don't really need high availability for Grafana. Its configuration does not change enough to worry about the downtime associated with restarting it. Migrating the existing data from SQLite to PostgreSQL, while possible, is just not worth the hassle.
2024-01-27 22:01:08 -06:00
parent 4e15a9d71d
commit 3439ce1f13
10 changed files with 1096 additions and 0 deletions
--- a/grafana/grafana.yaml
+++ b/grafana/grafana.yaml
@@ -0,0 +1,94 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: grafana
+  labels:
+    app.kubernetes.io/name: grafana
+    app.kubernetes.io/component: grafana
+spec:
+  accessModes:
+  - ReadWriteMany
+  resources:
+    requests:
+      storage: 1Gi
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: grafana
+  labels:
+    app.kubernetes.io/name: grafana
+    app.kubernetes.io/component: grafana
+spec:
+  ports:
+  - port: 3000
+    name: grafana
+  selector:
+    app.kubernetes.io/name: grafana
+    app.kubernetes.io/component: grafana
+  clusterIP: None
+
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: grafana
+  labels:
+    app.kubernetes.io/name: grafana
+    app.kubernetes.io/component: grafana
+spec:
+  serviceName: grafana
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: grafana
+      app.kubernetes.io/component: grafana
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: grafana
+        app.kubernetes.io/component: grafana
+    spec:
+      containers:
+      - name: grafana
+        image: docker.io/grafana/grafana:10.2.3
+        ports:
+        - containerPort: 3000
+          name: http
+        readinessProbe: &probe
+          httpGet:
+            port: http
+            path: /api/health
+          periodSeconds: 60
+        startupProbe:
+          <<: *probe
+          periodSeconds: 1
+          successThreshold: 1
+          failureThreshold: 30
+          timeoutSeconds: 1
+        securityContext:
+          runAsNonRoot: true
+          readOnlyRootFilesystem: true
+        volumeMounts:
+        - mountPath: /etc/grafana
+          name: config
+          readOnly: true
+        - mountPath: /run/secrets/grafana
+          name: secrets
+          readOnly: true
+        - mountPath: /var/lib/grafana
+          name: grafana
+          subPath: data
+      securityContext:
+        fsGroup: 472
+        runAsNonRoot: true
+      volumes:
+      - name: config
+        configMap:
+          name: grafana
+      - name: grafana
+        persistentVolumeClaim:
+          claimName: grafana
+      - name: secrets
+        secret:
+          secretName: grafana