apiVersion: apps/v1 kind: Deployment metadata: name: grafana namespace: monitoring spec: selector: matchLabels: app: grafana template: metadata: labels: app: grafana spec: securityContext: fsGroup: 472 supplementalGroups: - 0 containers: - name: grafana image: grafana/grafana:10.0.3 ports: - containerPort: 3000 readinessProbe: failureThreshold: 3 httpGet: path: /robots.txt port: 3000 scheme: HTTP initialDelaySeconds: 10 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 2 livenessProbe: failureThreshold: 3 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 tcpSocket: port: 3000 timeoutSeconds: 1 resources: requests: cpu: 250m memory: 750Mi volumeMounts: - name: grafana-pv mountPath: /var/lib/grafana - name: grafana-datasources-volume mountPath: /etc/grafana/provisioning/datasources/default.yaml subPath: default.yaml env: - name: GF_SECURITY_ADMIN_USER valueFrom: secretKeyRef: name: grafana-secrets key: admin-user - name: GF_SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: name: grafana-secrets key: admin-password - name: GF_DATABASE_TYPE value: postgres - name: GF_DATABASE_USER valueFrom: secretKeyRef: name: grafana-db key: username - name: GF_DATABASE_PASSWORD valueFrom: secretKeyRef: name: grafana-db key: password - name: GF_DATABASE_URL value: "postgres://$(GF_DATABASE_USER):$(GF_DATABASE_PASSWORD)@grafana-db-rw.monitoring.svc.cluster.local/grafana" volumes: - name: grafana-pv persistentVolumeClaim: claimName: grafana-pvc - name: grafana-datasources-volume configMap: name: grafana-datasources