Text file src/edge-infra.dev/config/pallets/o11y/grafana/base/grafana.yaml

Documentation: edge-infra.dev/config/pallets/o11y/grafana/base

     1apiVersion: v1
     2kind: ServiceAccount
     3metadata:
     4  name: grafana-sa
     5  annotations:
     6    iam.gke.io/gcp-service-account: grafana-${cluster_hash}@${gcp_project_id}.iam.gserviceaccount.com
     7---
     8apiVersion: grafana.integreatly.org/v1beta1
     9kind: Grafana
    10metadata:
    11  name: grafana
    12  labels:
    13    dashboards: "grafana"
    14spec:
    15  service:
    16    metadata:
    17      labels:
    18        app.kubernetes.io/name: grafana
    19    spec:
    20      selector:
    21        app: grafana
    22      ports:
    23      - name: grafana-http
    24        protocol: TCP
    25        port: 80
    26        targetPort: 3000
    27  serviceAccount:
    28    automountServiceAccountToken: true
    29  config:
    30    auth.proxy:
    31      auto_sign_up: 'true'
    32      enabled: 'true'
    33      header_name: X-WEBAUTH-USER
    34      header_property: username
    35      headers: Role:X-WEBAUTH-ROLE
    36    log:
    37      mode: "console"
    38    log.console:
    39      format: json
    40    news:
    41      news_feed_enabled: "false"
    42    security:
    43      allow_embedding: "true"
    44    server:
    45      enable_gzip: "true"
    46      root_url: https://${domain}/grafana/
    47      serve_from_sub_path: "false"
    48    users:
    49      allow_sign_up: 'false'
    50      auto_assign_org: 'true'
    51      auto_assign_org_role: Viewer
    52      home_page: https://${domain}/grafana/dashboards/
    53  deployment:
    54    metadata:
    55      labels:
    56        app.kubernetes.io/name: grafana
    57    spec:
    58      template:
    59        metadata:
    60          labels:
    61            app.kubernetes.io/name: grafana
    62        spec:
    63          containers:
    64          - name: grafana
    65            image: bzl://hack/deps:grafana_container_push
    66            env:
    67            - name: GF_SECURITY_ADMIN_USER
    68              valueFrom:
    69                secretKeyRef:
    70                  name: grafana-admin-credentials
    71                  key: GF_SECURITY_ADMIN_USER
    72            - name: GF_SECURITY_ADMIN_PASSWORD
    73              valueFrom:
    74                secretKeyRef:
    75                  name: grafana-admin-credentials
    76                  key: GF_SECURITY_ADMIN_PASSWORD
    77            readinessProbe:
    78              failureThreshold: 3
    79            securityContext:
    80              allowPrivilegeEscalation: true
    81              readOnlyRootFilesystem: false
    82          volumes:
    83          - name: grafana-data
    84            persistentVolumeClaim:
    85              claimName: grafana-pvc
    86          securityContext:
    87            fsGroup: 472
    88      strategy:
    89        type: Recreate
    90  persistentVolumeClaim:
    91    spec:
    92      resources:
    93        requests:
    94          storage: 10Gi
    95      accessModes:
    96      - ReadWriteOnce

View as plain text