grafana-k8s容器化安装
环境信息
192.168.230.15 master
192.168.230.16 node1
192.168.230.17 node2
192.168.230.20 nfs(搭建可以看linux nfs搭建)
cd /opt
mkdir grafana
cat >> grafana.yaml << EOF
创建命名空间
apiVersion: v1
kind: Namespace
metadata:
name: my-grafana
创建存储类
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
name: grafana-nfs-storage
provisioner: k8s-sigs.io/nfs-subdir-external-provisioner # 指定NFS作为存储提供者
parameters:
archiveOnDelete: "false" # 当删除PVC时,是否归档存储卷
pvc
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: grafana-pvc
namespace: my-grafana
spec:
accessModes:
- ReadWriteOnce
storageClassName: grafana-nfs-storage
resources:
requests:
storage: 10Gi
create ServiceAccount
apiVersion: v1
kind: ServiceAccount
metadata:
name: grafana
namespace: my-grafana
create ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: grafana-clusterrole
rules:
- apiGroups: [""]
resources: ["persistentvolumes"]
verbs: ["get","list","watch","create","delete"] - apiGroups: [""]
resources: ["persistentvolumeclaims"]
verbs: ["get","list","watch","create","delete"] - apiGroups: ["storage.k8s.io"]
resources: ["storageclasses"]
verbs: ["get","list","watch","update"] - apiGroups: [""]
resources: ["events"]
verbs: ["create","update","patch"]
绑定 clusterrole 到 serviceaccount
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: grafana-clusterrolebinding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: grafana-clusterrole
subjects:
- kind: ServiceAccount
name: grafana
namespace: my-grafana
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: grafana
name: grafana
namespace: my-grafana
spec:
replicas: 1
selector:
matchLabels:
app: grafana
template:
metadata:
labels:
app: grafana
spec:
securityContext:
fsGroup: 472
runAsUser: 472
supplementalGroups:
- 0
serviceAccount: grafana
containers:
- name: mygrafana
image: grafana/grafana:latest
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
name: http-grafana
protocol: TCP
readinessProbe:
failureThreshold: 3
httpGet:
path: /robots.txt
port: 3000
scheme: HTTP
initialDelaySeconds: 10
periodSeconds: 30
successThreshold: 1
timeoutSeconds: 2
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
tcpSocket:
port: 3000
timeoutSeconds: 1
resources:
requests:
cpu: 100m
memory: 520Mi
volumeMounts:
- mountPath: /var/lib/grafana
name: grafana-nfs
imagePullSecrets:
- name: regcred
volumes:
- name: grafana-nfs
nfs:
server: 192.168.230.20
path: /data/nfs
readOnly: false
apiVersion: v1
kind: Service
metadata:
name: grafana
namespace: my-grafana
spec:
type: NodePort
ports:
- port: 3000
protocol: TCP
targetPort: http-grafana
selector:
app: grafana
sessionAffinity: None
EOF
浙公网安备 33010602011771号