--- # tasks file for grafana - name: Create monitoring namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: monitor - name: Create PVC for MySQL k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql namespace: monitor spec: accessModes: - ReadWriteOnce resources: requests: storage: 64Gi - name: Create Deployment for MySQL k8s: state: present definition: apiVersion: v1 kind: Deployment metadata: name: mysql namespace: monitor labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql volumeMounts: - name: data mountPath: /var/lib/mysql ports: - containerPort: 3306 env: - name: MYSQL_ROOT_PASSWORD value: "{{ mysql_root_password }}" - name: MYSQL_DATABASE value: grafana - name: MYSQL_USER value: grafana - name: MYSQL_PASSWORD value: "{{ grafana_mysql_password }}" volumes: - name: data persistentVolumeClaim: claimName: mysql - name: Create Service for MySQL k8s: state: present definition: apiVersion: v1 kind: Service metadata: name: mysql namespace: monitor spec: selector: app: mysql ports: - port: 3306 name: mysql type: ClusterIP - name: Create PVC for InfluxDB k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: influxdb namespace: monitor spec: accessModes: - ReadWriteOnce resources: requests: storage: 128Gi - name: Create Deployment for InfluxDB k8s: state: present definition: apiVersion: v1 kind: Deployment metadata: name: influxdb namespace: monitor labels: app: influxdb spec: replicas: 1 selector: matchLabels: app: influxdb template: metadata: labels: app: influxdb spec: containers: - name: influxdb image: influxdb volumeMounts: - name: data mountPath: /var/lib/influxdb ports: - containerPort: 8086 volumes: - name: data persistentVolumeClaim: claimName: influxdb - name: Create Service for InfluxDB k8s: state: present definition: apiVersion: v1 kind: Service metadata: name: influxdb namespace: monitor spec: selector: app: influxdb ports: - port: 80 targetPort: 8086 name: influxdb type: ClusterIP - name: Create Deployment for Grafana k8s: state: present definition: apiVersion: v1 kind: Deployment metadata: name: grafana namespace: monitor labels: app: grafana spec: replicas: 1 selector: matchLabels: app: grafana template: metadata: labels: app: grafana spec: containers: - name: grafana image: grafana/grafana ports: - containerPort: 3000 env: - name: GF_DATABASE_TYPE value: mysql - name: GF_DATABASE_HOST value: mysql - name: GF_DATABASE_USER value: grafana - name: GF_DATABASE_PASSWORD value: "{{ grafana_mysql_password }}" - name: Create Service for Grafana k8s: state: present definition: apiVersion: v1 kind: Service metadata: name: grafana namespace: monitor spec: selector: app: grafana ports: - port: 80 targetPort: 3000 name: grafana type: ClusterIP - name: Create Ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: grafana namespace: monitor spec: ingressClassName: nginx rules: - host: monitor.eom.dev http: paths: - pathType: Prefix path: / backend: service: name: grafana port: number: 80 - pathType: Prefix path: /influxdb backend: service: name: influxdb port: number: 80 tls: - hosts: - monitor.eom.dev secretName: monitor - name: Create Network Policy k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: networkpolicy namespace: monitor spec: podSelector: matchLabels: app: monitor policyTypes: - Ingress ingress: - from: - ipBlock: cidr: 192.168.1.0/24