Grafana Dashboard
Grafana Dashboard
Section titled “Grafana Dashboard”With Helm Chart
Section titled “With Helm Chart”- If your Grafana is configured with the discovery sidecar, set
grafana.enabledvalue totrue. - If you’re using Grafana Operator, set
grafana.enabledtotrueandgrafana.grafanaDashboard.enabledvalue totrue.
See more configuration options here.
Without Helm Chart
Section titled “Without Helm Chart”- Download the dashboard’s JSON and save it in
kyverno-dashboard.json
curl -fsS https://raw.githubusercontent.com/kyverno/kyverno/main/charts/kyverno/charts/grafana/dashboard/kyverno-dashboard.json -o kyverno-dashboard.json- Open your Grafana portal and go to the option of importing a dashboard.
- Go to the “Upload JSON file” button, select the
kyverno-dashboard.jsonwhich you got in the first step and click on Import.
- Configure the fields according to your preferences and click on Import.
- And your dashboard will be ready in front of you.
Tutorial
Section titled “Tutorial”kind create clusterAdd Helm repositories.
helm repo add prometheus-community https://prometheus-community.github.io/helm-chartshelm repo add kyverno https://kyverno.github.io/kyverno/Update Helm repositories.
helm repo updateInstall Kyverno and the kube-prometheus-stack Helm chart.
helm install kyverno kyverno/kyverno --namespace kyverno --create-namespacehelm install monitoring prometheus-community/kube-prometheus-stack -n monitoring --create-namespace
kubectl -n monitoring get po -l "release"Create the ServiceMonitor resource.
Add the following contents to a file named service-monitor.yaml.
apiVersion: monitoring.coreos.com/v1kind: ServiceMonitormetadata: labels: app.kubernetes.io/instance: monitoring chart: kube-prometheus-stack-51.2.0 heritage: Helm release: monitoring name: service-monitor-kyverno-service namespace: monitoringspec: endpoints: - interval: 60s path: /metrics scheme: http targetPort: 8000 tlsConfig: insecureSkipVerify: true namespaceSelector: matchNames: - kyverno selector: matchLabels: app.kubernetes.io/instance: kyvernoAdd the appropriate labels.
kubectl label ns kyverno app.kubernetes.io/instance=kyvernokubectl label ns kyverno app.kubernetes.io/name=kyvernoCreate the ServiceMonitor.
kubectl apply -f service-monitor.yamlRestart Deployments and StatefulSets in the monitoring Namespace.
kubectl rollout restart deploy,sts -n monitoringCheck services in the monitoring Namespace.
kubectl get svc -n monitoring
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEmonitoring-kube-prometheus-prometheus ClusterIP 10.96.238.189 <none> 9090/TCP,8080/TCP 4h16mPort forward the monitoring-kube-prometheus-prometheus Service to a local port.
kubectl port-forward svc/monitoring-kube-prometheus-prometheus 81:9090 -n monitoring
Forwarding from 127.0.0.1:81 -> 9090Forwarding from [::1]:81 -> 9090Similarly, port forward the monitoring-grafana Service to another local port.
kubectl get svc -n monitoring
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGEmonitoring-grafana ClusterIP 10.96.188.20 <none> 80/TCP 4h19m
kubectl port-forward svc/monitoring-grafana -n monitoring 82:3000
Forwarding from 127.0.0.1:82 -> 3000Forwarding from [::1]:82 -> 3000Go to Prometheus on port 9090 and check status -> Targets -> Filter for kyverno (to see if metrics are getting scraped)
Go to Grafana on port 3000 -> Dashboards -> New -> import -> Upload file that you get from running the below command -> Data type = Prometheus -> import
curl https://raw.githubusercontent.com/kyverno/grafana-dashboard/master/grafana/dashboard.json -o kyverno-dashboard.json