Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Action] Make Grafana dashboards publicly accessible from cluster #31

Open
2 of 4 tasks
rossf7 opened this issue Jan 23, 2024 · 18 comments
Open
2 of 4 tasks

[Action] Make Grafana dashboards publicly accessible from cluster #31

rossf7 opened this issue Jan 23, 2024 · 18 comments

Comments

@rossf7
Copy link
Contributor

rossf7 commented Jan 23, 2024

This issue is to make our Grafana dashboards public accessible from our Equinix cluster.

We already have the Kepler dashboard deployed by Flux #16

For #20 we want to be able to visualize the metrics we are interested in collecting.

Tasks

Networking

  • Currently the Equinix cluster managed by opentofu doesn't have a publicly accessible Ingress or Gateway API
  • We can configure elastic IPs for our Equinix nodes via the TF provider https://deploy.equinix.com/developers/docs/metal/networking/elastic-ips/
  • We have Traefik deployed as an ingress controller as part of K3s
  • kube-prometheus-stack helm chart lets us deploy an ingress for Grafana
  • We can deploy cert-manager with LetsEncrypt to have an SSL cert

Open Questions

  • How do we get a publicly accessible DNS entry? e.g. tag-env-green-reviews.cncf.io
@rossf7 rossf7 changed the title [Action] Make Grafana dashboards public accessible from cluster [Action] Make Grafana dashboards publicly accessible from cluster Jan 23, 2024
@rossf7 rossf7 added the good first issue Good for newcomers label Jan 24, 2024
@dipankardas011
Copy link
Contributor

I Can help with this issue

@rossf7
Copy link
Contributor Author

rossf7 commented Jan 24, 2024

@dipankardas011 thanks for taking #30

@greenscale-nandesh thanks for taking this one. As of #36 the K3s install of Traefik is now deployed to the cluster.

As a starting point it would be worth investigating if we can enable the Grafana ingress via the kube-prometheus-stack helm chart

https://github.com/prometheus-community/helm-charts/tree/main/charts/kube-prometheus-stack

We can then look into getting a DNS entry and cert. We should also investigate adding an elastic IP to the worker node.
https://deploy.equinix.com/developers/docs/metal/networking/elastic-ips/

Nandesh, let me know if anything is unclear or you want to sync on this.

@rossf7 rossf7 removed good first issue Good for newcomers help wanted Extra attention is needed labels Jan 24, 2024
@nikimanoledaki nikimanoledaki moved this from Backlog to In Progress in TAG-Environmental-Sustainability Jan 30, 2024
@rossf7 rossf7 self-assigned this Feb 7, 2024
@rossf7
Copy link
Contributor Author

rossf7 commented Feb 7, 2024

We would like to have a DNS record for the cluster so we can have public grafana dashboards.

e.g. tag-env-green-reviews.cncf.io

@leonardpahlke Could you help with this?

@leonardpahlke
Copy link
Member

Yes. I can open a ticket once we have an elastic IP and a dashboard to display smth. I would ask for green-reviews.tag-env-sustainability.cncf.io

@rossf7
Copy link
Contributor Author

rossf7 commented Mar 5, 2024

@nikimanoledaki @leonardpahlke @AntonioDiTuri Grafana is now available via the elastic ip '147.75.40.83' should we go with green-reviews.tag-env-sustainability.cncf.io as the domain?

You can access it at http://147.75.40.83/

@dipankardas011
Copy link
Contributor

Given: docs/home page tag-env-sustainability.cncf.io

we have this subdomain *.green-reviews.tag-env-sustainability.cncf.io

@dipankardas011
Copy link
Contributor

for what all things we need to decide the domain for?

@leonardpahlke
Copy link
Member

We can get the domain registered. If we plan to have other pages too we could also opt for dash-green-reviews.tag-env-sustainability.cncf.io or dash.green-reviews.tag-env-sustainability.cncf.io & later docs.greeen-reviews.tag-env-sustainability.cncf.io.

@AntonioDiTuri
Copy link
Contributor

+1 For

  • dash.green-reviews.tag-env-sustainability.cncf.io
  • docs.greeen-reviews.tag-env-sustainability.cncf.io

@rossf7
Copy link
Contributor Author

rossf7 commented Mar 25, 2024

I think the dashboard is the primary site so what about using green-reviews.tag-env-sustainability.cncf.io for that?

+1 for docs.green-reviews.tag-env-sustainability.cncf.io

@dipankardas011
Copy link
Contributor

I think the dashboard is the primary site so what about using green-reviews.tag-env-sustainability.cncf.io for that?

what about grafana.green-reviews.tag-env-sustainability.cncf.io for the dasbooard
😄

@dipankardas011
Copy link
Contributor

for the docs it might be good if we keep it as the root of the subdomain and all other in the subdomain like *.green-reviews...

@rossf7
Copy link
Contributor Author

rossf7 commented Apr 10, 2024

@leonardpahlke like we agreed in WG meeting domain will be dash.green-reviews.tag-env-sustainability.cncf.io and the elastic IP is 147.75.40.83

@leonardpahlke
Copy link
Member

👍 - 147.75.40.83 leads to a Grafana page where you need to provide credentials. Do we plan to make this page public?

@leonardpahlke
Copy link
Member

will wait for #65 (comment) - so we register both CNAME’s at once

@dipankardas011
Copy link
Contributor

had one question what are we going to use nginx lb or nginx gateway api?

@rossf7
Copy link
Contributor Author

rossf7 commented Apr 11, 2024

147.75.40.83 leads to a Grafana page where you need to provide credentials. Do we plan to make this page public?

@leonardpahlke We can share the SCI dashboard publicly but it will need code changes because we use template variables which is not supported grafana/grafana#67346 (comment)

had one question what are we going to use nginx lb or nginx gateway api?

@dipankardas011 Grafana already has an ingress managed via the helm chart. We use the traefik ingress controller that ships with k3s.

We will likely need to add cert-manager to the cluster managed by Flux and configure LetsEncrypt to issue a cert. Once the domain is set up we can add that.

@leonardpahlke
Copy link
Member

@leonardpahlke like we agreed in WG meeting domain will be dash.green-reviews.tag-env-sustainability.cncf.io and the elastic IP is 147.75.40.83

opened a servicedesk ticket

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants