Deploy Grafana on Kubernetes

This page explains how to install and run Grafana on Kubernetes (K8S). It uses Kubernetes manifests for the setup. If you prefer Helm, refer to the Grafana Helm community charts.

Deploy Grafana OS on Kubernetes

This section explains how to install Grafana using Kubernetes. If you are interested in the Grafana Enterprise version of this information, see Deploy Grafana Enterprise on Kubernetes.

Create a Grafana Kubernetes manifest

  1. Create a file called grafana.yaml.
  2. Copy and paste the following contents and save the file.
  1. ---
  2. apiVersion: v1
  3. kind: PersistentVolumeClaim
  4. metadata:
  5.   name: grafana-pvc
  6. spec:
  7.   accessModes:
  8.     - ReadWriteOnce
  9.   resources:
  10.     requests:
  11.       storage: 1Gi
  12. ---
  13. apiVersion: apps/v1
  14. kind: Deployment
  15. metadata:
  16.   labels:
  17.     app: grafana
  18.   name: grafana
  19. spec:
  20.   selector:
  21.     matchLabels:
  22.       app: grafana
  23.   template:
  24.     metadata:
  25.       labels:
  26.         app: grafana
  27.     spec:
  28.       securityContext:
  29.         fsGroup: 472
  30.         supplementalGroups:
  31.           - 0
  32.       containers:
  33.         - name: grafana
  34.           image: grafana/grafana:8.4.4
  35.           imagePullPolicy: IfNotPresent
  36.           ports:
  37.             - containerPort: 3000
  38.               name: http-grafana
  39.               protocol: TCP
  40.           readinessProbe:
  41.             failureThreshold: 3
  42.             httpGet:
  43.               path: /robots.txt
  44.               port: 3000
  45.               scheme: HTTP
  46.             initialDelaySeconds: 10
  47.             periodSeconds: 30
  48.             successThreshold: 1
  49.             timeoutSeconds: 2
  50.           livenessProbe:
  51.             failureThreshold: 3
  52.             initialDelaySeconds: 30
  53.             periodSeconds: 10
  54.             successThreshold: 1
  55.             tcpSocket:
  56.               port: 3000
  57.             timeoutSeconds: 1
  58.           resources:
  59.             requests:
  60.               cpu: 250m
  61.               memory: 750Mi
  62.           volumeMounts:
  63.             - mountPath: /var/lib/grafana
  64.               name: grafana-pv
  65.       volumes:
  66.         - name: grafana-pv
  67.           persistentVolumeClaim:
  68.             claimName: grafana-pvc
  69. ---
  70. apiVersion: v1
  71. kind: Service
  72. metadata:
  73.   name: grafana
  74. spec:
  75.   ports:
  76.     - port: 3000
  77.       protocol: TCP
  78.       targetPort: http-grafana
  79.   selector:
  80.     app: grafana
  81.   sessionAffinity: None
  82.   type: LoadBalancer

Send the manifest to the Kubernetes API server

  1. Run the following command: kubectl apply -f grafana.yaml

  2. Check that it worked by running the following: kubectl port-forward service/grafana 3000:3000

  3. Navigate to localhost:3000 in your browser. You should see a Grafana login page.

  4. Use admin for both the username and password to login.

Deploy Grafana Enterprise on Kubernetes

The process for deploying Grafana Enterprise is almost identical to the preceding process, except for additional steps that are required for adding your license file.

Obtain Grafana Enterprise license

To run Grafana Enterprise, you need a valid license. To obtain a license, contact a Grafana Labs representative. This topic assumes that you have a valid license in a license.jwt file. Associate your license with a URL that you can use later in the topic.

Create license secret

Create a Kubernetes secret from your license file using the following command:

  1. kubectl create secret generic ge-license --from-file=/path/to/your/license.jwt

Create Grafana Enterprise configuration

Create a Grafana configuration file with the name grafana.ini. Then paste the content below.

Note: You will have to update the root_url field to the url associated with the license you were given.

  1. [enterprise]
  2. license_path = /etc/grafana/license/license.jwt
  3. [server]
  4. root_url =/your/license/root/url

Create Configmap for Grafana Enterprise configuration

Create a Kubernetes Configmap from your grafana.ini file with the following command:

  1. kubectl create configmap ge-config --from-file=/path/to/your/grafana.ini

Create Grafana Enterprise Kubernetes manifest

Create a grafana.yaml file, and copy-and-paste the following content into it. The YAML that follows is identical to the one for a Grafana installation, except for the additional references to the Configmap that contains your Grafana configuration file and the secret that has your license.

  1. ---
  2. apiVersion: v1
  3. kind: PersistentVolumeClaim
  4. metadata:
  5.   name: grafana-pvc
  6. spec:
  7.   accessModes:
  8.     - ReadWriteOnce
  9.   resources:
  10.     requests:
  11.       storage: 1Gi
  12. ---
  13. apiVersion: apps/v1
  14. kind: Deployment
  15. metadata:
  16.   labels:
  17.     app: grafana
  18.   name: grafana
  19. spec:
  20.   selector:
  21.     matchLabels:
  22.       app: grafana
  23.   template:
  24.     metadata:
  25.       labels:
  26.         app: grafana
  27.     spec:
  28.       securityContext:
  29.         fsGroup: 472
  30.         supplementalGroups:
  31.           - 0
  32.       containers:
  33.         - image: grafana/grafana-enterprise:latest
  34.           imagePullPolicy: IfNotPresent
  35.           name: grafana
  36.           ports:
  37.             - containerPort: 3000
  38.               name: http-grafana
  39.               protocol: TCP
  40.           readinessProbe:
  41.             failureThreshold: 3
  42.             httpGet:
  43.               path: /robots.txt
  44.               port: 3000
  45.               scheme: HTTP
  46.             initialDelaySeconds: 10
  47.             periodSeconds: 30
  48.             successThreshold: 1
  49.             timeoutSeconds: 2
  50.           resources:
  51.             limits:
  52.               memory: 4Gi
  53.             requests:
  54.               cpu: 100m
  55.               memory: 2Gi
  56.           volumeMounts:
  57.             - mountPath: /var/lib/grafana
  58.               name: grafana-pv
  59.             - mountPath: /etc/grafana
  60.               name: ge-config
  61.             - mountPath: /etc/grafana/license
  62.               name: ge-license
  63.       volumes:
  64.         - name: grafana-pv
  65.           persistentVolumeClaim:
  66.             claimName: grafana-pvc
  67.         - name: ge-config
  68.           configMap:
  69.             name: ge-config
  70.         - name: ge-license
  71.           secret:
  72.             secretName: ge-license
  73. ---
  74. apiVersion: v1
  75. kind: Service
  76. metadata:
  77.   name: grafana
  78. spec:
  79.   ports:
  80.     - port: 3000
  81.       protocol: TCP
  82.       targetPort: http-grafana
  83.   selector:
  84.     app: grafana
  85.   sessionAffinity: None
  86.   type: LoadBalancer

Caution: If you use LoadBalancer in the Service and depending on your cloud platform and network configuration, doing so might expose your Grafana instance to the Internet. To eliminate this risk, use ClusterIP to restrict access from within the cluster Grafana is deployed to.

  1. Send manifest to Kubernetes API Server kubectl apply -f grafana.yaml

  2. Check that it worked by running the following: kubectl port-forward service/grafana 3000:3000

  3. Navigate to localhost:3000 in your browser. You should see the Grafana login page.

  4. Use admin for both the username and password to login. If it worked, you should see Enterprise (Licensed) at the bottom of the page.