--- # tasks file for grafana - name: Create Grafana namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: grafana - name: Create PVC for MySQL k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql namespace: grafana spec: accessModes: - ReadWriteOnce resources: requests: storage: 64Gi - name: Create Deployment for MySQL k8s: state: present definition: apiVersion: v1 kind: Deployment metadata: name: mysql namespace: grafana labels: app: mysql spec: replicas: 1 selector: matchLabels: app: mysql template: metadata: labels: app: mysql spec: containers: - name: mysql image: mysql volumeMounts: - name: data mountPath: /var/lib/mysql ports: - containerPort: 3306 env: - name: MYSQL_ROOT_PASSWORD value: "{{ mysql_root_password }}" - name: MYSQL_DATABASE value: grafana - name: MYSQL_USER value: grafana - name: MYSQL_PASSWORD value: "{{ grafana_mysql_password }}" volumes: - name: data persistentVolumeClaim: claimName: mysql - name: Create Service for MySQL k8s: state: present definition: apiVersion: v1 kind: Service metadata: name: mysql namespace: grafana spec: selector: app: mysql ports: - port: 3306 name: mysql type: ClusterIP - name: Create a config map for grafana k8s: state: present api_version: v1 kind: ConfigMap name: grafana namespace: grafana definition: data: ldap.toml: "{{ lookup('template', 'ldap.toml.j2') }}" - name: Create Deployment for Grafana k8s: state: present definition: apiVersion: v1 kind: Deployment metadata: name: grafana namespace: grafana labels: app: grafana spec: replicas: 1 selector: matchLabels: app: grafana template: metadata: labels: app: grafana spec: containers: - name: grafana image: grafana/grafana ports: - containerPort: 3000 env: - name: GF_DATABASE_TYPE value: mysql - name: GF_DATABASE_HOST value: mysql - name: GF_DATABASE_USER value: grafana - name: GF_DATABASE_PASSWORD value: "{{ grafana_mysql_password }}" - name: GF_AUTH_LDAP_ENABLED value: "true" - name: GF_AUTH_LDAP_CONFIG_FILE value: /etc/grafana/cm/ldap.toml - name: GF_AUTH_LDAP_ALLOW_SIGN_UP value: "true" volumeMounts: - name: config mountPath: /etc/grafana/cm volumes: - name: config configMap: name: grafana - name: Create Service for Grafana k8s: state: present definition: apiVersion: v1 kind: Service metadata: name: grafana namespace: grafana spec: selector: app: grafana ports: - port: 80 targetPort: 3000 name: grafana type: ClusterIP - name: Create Ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: grafana namespace: grafana spec: ingressClassName: nginx rules: - host: grafana.eom.dev http: paths: - pathType: Prefix path: / backend: service: name: grafana port: number: 80 tls: - hosts: - grafana.eom.dev secretName: grafana