apiVersion: apps/v1
kind: Deployment
metadata:
name: grafana
namespace: monitoring
spec:
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
securityContext:
fsGroup: 472
supplementalGroups:
- 0
containers:
- name: grafana
image: grafana/grafana:10.0.3
ports:
- containerPort: 3000
readinessProbe:
failureThreshold: 3
httpGet:
path: /robots.txt
port: 3000
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 2
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: 3000
timeoutSeconds: 1
resources:
requests:
cpu: 250m
memory: 750Mi
volumeMounts:
- name: grafana-pv
mountPath: /var/lib/grafana
- name: grafana-datasources-volume
mountPath: /etc/grafana/provisioning/datasources/default.yaml
subPath: default.yaml
env:
- name: GF_SECURITY_ADMIN_USER
valueFrom:
secretKeyRef:
name: grafana-secrets
key: admin-user
- name: GF_SECURITY_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: grafana-secrets
key: admin-password
- name: GF_DATABASE_TYPE
value: postgres
- name: GF_DATABASE_USER
valueFrom:
secretKeyRef:
name: grafana-db
key: username
- name: GF_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: grafana-db
key: password
- name: GF_DATABASE_URL
value: "postgres://$(GF_DATABASE_USER):$(GF_DATABASE_PASSWORD)@grafana-db-rw.monitoring.svc.cluster.local/grafana"
volumes:
- name: grafana-pv
persistentVolumeClaim:
claimName: grafana-pvc
- name: grafana-datasources-volume
configMap:
name: grafana-datasources