search

grafana / kubernetes-app

A set of dashboards and panels for kubernetes.
https://grafana.com/plugins/grafana-kubernetes-app
Apache License 2.0
401 stars 149 forks source link

Add info that kubernetes legacy authorization is a requirement to run the plugin #52

Open JCMais opened 6 years ago

JCMais commented 6 years ago

After some debugging on why the plugin was working on our dev cluster but was not working for our staging one, I've found that it requires legacy authorization to be enabled on the cluster.

See https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control for more details on the legacy authorization model.

On GKE this can be changed here: image

It would be much better if the plugin could support token authentication (like mentioned in one of the issues below), or allow to use service account directly (in case it was deployed to the same cluster it's going to connect).

Currently I've just removed everything related to the Kubernetes Datasource provided by this plugin and changed the dashboards according, so basically the plugin is not used anymore.

Most of the variables can be replaced to use some prometheus metric:

$node can be label_values(kube_node_info, node) $namespace can be label_values(kube_namespace_created, namespace)

Both metrics are from kube-state-metrics.

There are other issues that are probably related to this one: https://github.com/grafana/kubernetes-app/issues/12 https://github.com/grafana/kubernetes-app/issues/22 https://github.com/grafana/kubernetes-app/issues/34 https://github.com/grafana/kubernetes-app/issues/41 https://github.com/grafana/kubernetes-app/issues/47

azelezni commented 5 years ago

could you share the modified dashboards?

JCMais commented 5 years ago

@azelezni yes, here they are https://gist.github.com/JCMais/a0750ee1cc4186909d3caddcf5e08d30

You probably will need to change the datasources to point to the correct prometheus one.

emcfarlane commented 5 years ago

Solved the issue by running kubectl as a sidecar to grafana. Would be nice to use without kubectl api access though.

        - name: kubectl
          image: lachlanevenson/k8s-kubectl:latest
          command:
            - kubectl
            - proxy
geojaz commented 4 years ago

I ran into a similar issue and wonder if this plugin is still actually being supported?

If you already have prometheus running and grafana pulling that data, you might want to check https://github.com/helm/charts/tree/master/stable/prometheus-operator/templates/grafana/dashboards for some solid starting dashboards.