Running Prometheus & Grafana

Install Prometheus & Grafana

This is an example deployment that includes Prometheus and Grafana in a single deployment.

The default installation contains:

  • Grafana: A visualization dashboard with Cilium Dashboard pre-loaded.

  • Prometheus: a time series database and monitoring system.

  1. $ kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/v1.12/examples/kubernetes/addons/prometheus/monitoring-example.yaml
  2. namespace/cilium-monitoring created
  3. serviceaccount/prometheus-k8s created
  4. configmap/grafana-config created
  5. configmap/grafana-cilium-dashboard created
  6. configmap/grafana-cilium-operator-dashboard created
  7. configmap/grafana-hubble-dashboard created
  8. configmap/prometheus created
  9. clusterrole.rbac.authorization.k8s.io/prometheus unchanged
  10. clusterrolebinding.rbac.authorization.k8s.io/prometheus unchanged
  11. service/grafana created
  12. service/prometheus created
  13. deployment.apps/grafana created
  14. deployment.apps/prometheus created

This example deployment of Prometheus and Grafana will automatically scrape the Cilium and Hubble metrics. See the Monitoring & Metrics configuration guide on how to configure a custom Prometheus instance.

Deploy Cilium and Hubble with metrics enabled

Cilium, Hubble, and Cilium Operator do not expose metrics by default. Enabling metrics for these services will open ports 9962, 9965, and 9963 respectively on all nodes of your cluster where these components are running.

The metrics for Cilium, Hubble, and Cilium Operator can all be enabled independently of each other with the following Helm values:

  • prometheus.enabled=true: Enables metrics for cilium-agent.

  • operator.prometheus.enabled=true: Enables metrics for cilium-operator.

  • hubble.metrics.enabled: Enables the provided list of Hubble metrics. For Hubble metrics to work, Hubble itself needs to be enabled with hubble.enabled=true. See Hubble exported metrics for the list of available Hubble metrics.

Refer to Monitoring & Metrics for more details about the individual metrics.

Note

Make sure you have Helm 3 installed. Helm 2 is no longer supported.

Setup Helm repository:

  1. helm repo add cilium https://helm.cilium.io/

Deploy Cilium via Helm as follows to enable all metrics:

  1. helm install cilium cilium/cilium --version 1.12.0 \
  2.    --namespace kube-system \
  3.    --set prometheus.enabled=true \
  4.    --set operator.prometheus.enabled=true \
  5.    --set hubble.enabled=true \
  6.    --set hubble.metrics.enabled="{dns,drop,tcp,flow,port-distribution,icmp,http}"

Note

You can combine the above Helm options with any of the other installation guides.

How to access Grafana

Expose the port on your local machine

  1. kubectl -n cilium-monitoring port-forward service/grafana --address 0.0.0.0 --address :: 3000:3000

Access it via your browser: http://localhost:3000

How to access Prometheus

Expose the port on your local machine

  1. kubectl -n cilium-monitoring port-forward service/prometheus --address 0.0.0.0 --address :: 9962:9962

Access it via your browser: http://localhost:9962

Examples

Generic

../../_images/grafana_generic.png

Network

../../_images/grafana_network.png

Policy

../../_images/grafana_policy.png ../../_images/grafana_policy2.png

Endpoints

../../_images/grafana_endpoints.png

Controllers

../../_images/grafana_controllers.png

Kubernetes

../../_images/grafana_k8s.png

Hubble General Processing

../../_images/grafana_hubble_general_processing.png

Hubble Networking

Note

The port-distribution metric is disabled by default. Refer to Monitoring & Metrics for more details about the individual metrics.

../../_images/grafana_hubble_network.png ../../_images/grafana_hubble_tcp.png ../../_images/grafana_hubble_icmp.png

Hubble DNS

../../_images/grafana_hubble_dns.png

Hubble HTTP

../../_images/grafana_hubble_http.png

Hubble Network Policy

../../_images/grafana_hubble_network_policy.png