Grafana is a component in StreamNative Platform. It provides observability for StreamNative Platform. Grafana provides dashboards including brokers, bookies, zookeeper, proxy, topic, messages, and so on.
By default, Grafana is enabled with StreamNative Platform. To disable it, you can set
monitoring.grafana: false in the
values.yaml YAML file.
Configure CPU and memory resources
You can configure the requested and limited CPU and memory resources for the Grafana service in the
values.yaml YAML file. Then, you can use the
helm upgrade command to restart the StreamNative Platform to make updates effective. For more information about CPU and memory resources, see CPU and memory resources.
grafana: resources: # keep request = limit to keep this container in guaranteed class requests: cpu: memory: limits: cpu: memory:
Expose Grafana service
To expose the Grafana service using the LoadBalancer or NodePort, follow these steps.
Enable Grafana and configure the external domain in the
ingress: controller: enabled: true control_center: enabled: true endpoints: grafana: true external_domain: your.external.control.center.domain external_domain_scheme: http:// tls: enabled: false
In Nginx Ingress mode, if
ingress.control_center.tls.enabledis set to
http://. Otherwise, it should be
Execute the following command to get the external IP address of the Grafana service.
kubectl get svc/<release_name>-sn-platform-nginx-ingress-controller -n <k8s_namespace>
http://EXTERNAL_IP/grafanain your browser and then you can log in to Grafana.
Access Grafana service
After getting the external IP address of the Grafana service, you can access it using one of the following methods.
Basic authentication is enabled by default and works with the built-in Grafana user-password authentication system.
To access the Grafana service by using the username and password, you can specify the
password properties for the Grafana service in the
values.yaml YAML file as follows. By default, both the username and password are
grafana: admin: user: pulsar password: pulsar
Make sure to change the password after you log in to the Grafana Dashboard.
Azure AD OAuth2 authentication
The Azure AD authentication allows you to use an Azure Active Directory (Azure AD) tenant as an identity provider for Grafana. You can use Azure AD Application Roles to assign users and groups to Grafana roles from the Azure Portal.
To enable Azure AD OAuth2 authentication for Grafana, follow these steps.
Create an Azure AD OAuth client ID and an Azure AD OAuth client Secret. For details, see Create the Azure AD application.
Enable Azure AD OAuth2 authentication by setting the
trueand providing the Azure AD OAuth client ID and the Azure AD OAuth client Secret in the
values.yamlYAML file as follows.
grafana: azureAuthEnabled: true azuread: client_id: 'AZURE-AD-SSO-CLIENT-ID' client_secret: 'AZURE-AD-SSO-CLIENT-SECRET'
helm upgradecommand to update the resource
helm upgrade -f /path/to/your/values.yaml <release_name> streamnative/sn-platform -n <k8s_namespace>