This is the Stable version of the documentation. The latest version is experimental and under active development. You can use the version selector in the top-right menu to switch versions for this specific page, or click here to go to the latest version's homepage.
Grafana Health Checks for Opstella Installation
เนื้อหานี้ยังไม่มีในภาษาของคุณ
Prerequisites
Section titled “Prerequisites”Kubernetes Cluster
Section titled “Kubernetes Cluster”Grafana Health Checks for Opstella will be installed on 🟢 Management Kubernetes Cluster
Expose /ready Path from Mimir, Loki, and Tempo (All in Distributed Deployment Mode) for Opstella to Check for their Health through Ingress.
Re-using Grafana Dashboard Domain and separate traffic with query paths as the following,
Grafana Mimir:
$GRAFANA_DASHBOARD_DOMAIN/mimir/read/ready- Checkquerierservice$GRAFANA_DASHBOARD_DOMAIN/mimir/write/ready- Checkdistributorservice$GRAFANA_DASHBOARD_DOMAIN/mimir/backend/ready- Checkingesterservice
Optionally Learn More about sub-components (Micro-Services) from Grafana Mimir Architecture
Grafana Loki:
$GRAFANA_DASHBOARD_DOMAIN/loki/read/ready- Checkquerierservice$GRAFANA_DASHBOARD_DOMAIN/loki/write/ready- Checkdistributorservice$GRAFANA_DASHBOARD_DOMAIN/loki/backend/ready- Checkingesterservice
Optionally Learn More about sub-components (Micro-Services) from Grafana Loki Architecture
Grafana Tempo:
$GRAFANA_DASHBOARD_DOMAIN/tempo/read/ready- Checkquerierservice$GRAFANA_DASHBOARD_DOMAIN/tempo/write/ready- Checkdistributorservice$GRAFANA_DASHBOARD_DOMAIN/tempo/backend/ready- Checkingesterservice
Optionally Learn More about sub-components (Micro-Services) from Grafana Tempo Architecture
- 📥Ingress Service provided as Kubernetes Ingress Class (
IngressClass) - 🛡️TLS Certificate for Grafana Dashboard provided as Kubernetes Secret
- Grafana Dashboard will be exposed as HTTPS with Kubernetes Ingress.
Kubernetes Cluster Prerequisites
Section titled “Kubernetes Cluster Prerequisites”- 🛡️TLS Certificate for Grafana Health Checks for Opstella
- Grafana Health Checks for Opstella will be exposed through Web with HTTPS with Kubernetes Ingress configured with TLS Certificate located within Kubernetes Cluster.
Complete Prerequisites
Section titled “Complete Prerequisites”Kubernetes Cluster
Section titled “Kubernetes Cluster”-
Connect to
🟢 ManagementKubernetes Cluster ; i.e w/ Kubeconfig FileEnsure you have defined and loaded your Global Shell Variables as described in Shell Variables.
Terminal window source $HOME/opstella-installation/shell-values/kubernetes/management_cluster.vars.shTerminal window export KUBECONFIG="$HOME/opstella-installation/kubeconfigs/management_cluster.yaml" -
Create Kubernetes Secret for TLS Certificate in Namespace
observability-system. (If you not have it done.)Kubernetes Ingress for DefectDojo will associate TLS Certificate with Kubernetes Secret named
wildcard-${BASE_DOMAIN}-tls.Ensure
K8S_INGRESS_TLS_CERTIFICATE_SECRET_NAMEis defined.If not, create one using from
.crtand.keyfile.Terminal window kubectl create secret tls $K8S_INGRESS_TLS_CERTIFICATE_SECRET_NAME \--cert=/path/to/cert/file --key=/path/to/key/file \--namespace observability-system -
Prepare
🟢 ManagementKubernetes Cluster InformationEnsure
GRAFANA_DASHBOARD_DOMAIN,K8S_INGRESSCLASS_NAME,K8S_INGRESS_TLS_CERTIFICATE_SECRET_NAMEare defined as per the Shell Variables guide.
Installation Preparations
Section titled “Installation Preparations”Kubernetes Manifest Preparation
Section titled “Kubernetes Manifest Preparation”-
Create Kubernetes Manifest Configuration
Terminal window cat <<EOF >> $HOME/opstella-installation/kubernetes-manifests/grafana-ltm-healthcheck-ingress.yamlapiVersion: networking.k8s.io/v1kind: Ingressmetadata:name: grafana-ltm-healthchecknamespace: observability-systemannotations:nginx.ingress.kubernetes.io/rewrite-target: /readyspec:ingressClassName: ${K8S_INGRESSCLASS_NAME}tls:- secretName: ${K8S_INGRESS_TLS_CERTIFICATE_SECRET_NAME}hosts:- ${GRAFANA_DASHBOARD_DOMAIN}rules:- host: ${GRAFANA_DASHBOARD_DOMAIN}http:paths:## LOKI- path: /loki/read/readypathType: Prefixbackend:service:name: grafana-loki-querierport:number: 3100- path: /loki/write/readypathType: Prefixbackend:service:name: grafana-loki-distributorport:number: 3100- path: /loki/backend/readypathType: Prefixbackend:service:name: grafana-loki-ingesterport:number: 3100## MIMIR- path: /mimir/read/readypathType: Prefixbackend:service:name: grafana-mimir-querierport:number: 8080- path: /mimir/write/readypathType: Prefixbackend:service:name: grafana-mimir-distributorport:number: 8080- path: /mimir/backend/readypathType: Prefixbackend:service:name: grafana-mimir-ingesterport:number: 8080## TEMPO- path: /tempo/read/readypathType: Prefixbackend:service:name: grafana-tempo-querierport:number: 3200- path: /tempo/write/readypathType: Prefixbackend:service:name: grafana-tempo-distributorport:number: 3200- path: /tempo/backend/readypathType: Prefixbackend:service:name: grafana-tempo-ingesterport:number: 3200EOF
Installation
Section titled “Installation”-
Apply Kubernetes Manifests
Terminal window kubectl apply --namespace observability-system \-f $HOME/opstella-installation/kubernetes-manifests/grafana-ltm-healthcheck-ingress.yaml
Finished?
Use the below navigation to proceed