How to add default json dashboard template while deploying using yaml

Question

I am trying to get default Grafana dashboard and admin username/password on deploy.

I tried creating values.yaml but doesn't seem like its working

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: grafana
  namespace: monitoring
  labels:
    grafana_dashboard: "1"
data:
  dashboard-k8.json: | (3)
    ${indent(4, data)}

Is there any better working way to do this? and I used same method for default username and password for grafana.

I am working on a maintenance project so its not new installation of Grafana. But, the requirement is to have default dashboard set with new admin username and password when the service is deployed.

Answer 1

As per the grafana docker documentation, any config in the grafana.ini file can be set at runtime using environment variables of the format GF_<SectionName>_<KeyName>__FILE, which represent paths to files containing the actual value. So we can use the environment variables GF_SECURITY_ADMIN_USER__FILE, GF_SECURITY_ADMIN_PASSWORD__FILE and GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE, to set the admin username, password and the dashboard that is opened at launch.

According to the instructions in this answer, we can use a dashboard provider of type file to import dashboards from files.

Using both these techniques together, I think I was able to get what you wanted.

Steps performed:

• Created a secret that contains the admin password. At runtime, the password gets mounted into the grafana container at /etc/secrets/admin_password and environment variable GF_SECURITY_ADMIN_PASSWORD__FILE gets set to /etc/secrets/admin_password
• Created a config map that contains the dashboard provider config which gets mounted as /etc/grafana/provisioning/dashboards/main.yaml
• Created another config map that contains the admin user and default dashboard path. These values are exposed to the container as files /etc/config/admin_user and /etc/config/default_home_dashboard_path, with those file paths set to the GF_SECURITY_ADMIN_PASSWORD__FILE and GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE environment variables
• Created another config map which contains the JSON for the default dashboard. The JSON file gets mounted as /var/lib/grafana/dashboards/test-dashboard.json, with the text /var/lib/grafana/dashboards/test-dashboard.json exposed as /etc/config/default_home_dashboard_path(set in the previous step)

Config map for the dashboard JSON:

---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboards
data:
  test-dashboard.json: |-
    {
      "annotations": {
        "list": [
      ...truncated...
    }

Other config maps and deployment spec:

---
apiVersion: v1
kind: Secret
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-secrets
type: Opaque
stringData:
  admin_password: testpwd
  
---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-dashboard-provider
data:
  dashboard.yml: |-
    ---
    apiVersion: 1

    providers:
      - name: "Dashboard provider"
        orgId: 1
        type: file
        disableDeletion: false
        updateIntervalSeconds: 10
        allowUiUpdates: false
        options:
          path: /var/lib/grafana/dashboards
          foldersFromFilesStructure: true
          
---
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana-config
data:
  admin_user: testuser
  default_home_dashboard_path: /var/lib/grafana/dashboards/test-dashboard.json        

---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: default
  labels:
    app: grafana
  name: grafana
spec:
  selector:
    matchLabels:
      app: grafana
  template:
    metadata:
      labels:
        app: grafana
    spec:
      volumes:
        - name: secret-volume
          secret:
            secretName: grafana-secrets
            items:
              - key: admin_password
                path: admin_password
        - name: dashboard-provider-volume
          configMap:
            name: grafana-dashboard-provider
            items:
              - key: dashboard.yml
                path: main.yaml
        - name: dashboards-volume
          configMap:
            name: grafana-dashboards
            items:
              - key: test-dashboard.json
                path: test-dashboard.json
        - name: config-volume
          configMap:
            name: grafana-config
            items:
              - key: admin_user
                path: admin_user
              - key: default_home_dashboard_path
                path: default_home_dashboard_path          
      containers:
        - name: grafana
          image: grafana/grafana-oss:9.5.1
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 3000
          volumeMounts:
            - name: secret-volume
              mountPath: /etc/secrets
            - name: dashboard-provider-volume
              mountPath: /etc/grafana/provisioning/dashboards
            - name: dashboards-volume
              mountPath: /var/lib/grafana/dashboards
            - name: config-volume
              mountPath: /etc/config
          env:
            - name: GF_SECURITY_ADMIN_PASSWORD__FILE
              value: /etc/secrets/admin_password
            - name: GF_SECURITY_ADMIN_USER__FILE
              value: /etc/config/admin_user
            - name: GF_DASHBOARDS_DEFAULT_HOME_DASHBOARD_PATH__FILE
              value: /etc/config/default_home_dashboard_path

The complete config files can be found on github