Setting up connection to PostgreSQL in Grafana on start up - postgresql

I need to set up a datasource in Grafana upon start up with a PostgreSQL. If I understood the website correctly I just had to add a YAML file in the provisioning/datasources directory. I have set it up, but when I look at the logs it doesnt even seem like any attempt at a connection was made, since I do not see any errors, and when I look for the data source it is not listed. Anyone know how to do this correctly? Here is my YAML file.
apiVersion: 1
datasources:
- name: YOLOv5
type: PostgreSQL
access: proxy
orgId: 1
uid: my_unique_uid
url: http://localhost:5432
user: user
database: test
basicAuth:
basicAuthUser: user
withCredentials:
isDefault:
jsonData:
postgresVersion: '15.1'
tlsAuth: false
tlsAuthWithCACert: false
secureJsonData:
password: password
basicAuthPassword: password
version: 1
editable: false

Related

How to use external database (AWS RDS) with Bitnami Keycloak

I'm trying to use Bitnami Keycloak Helm, which has an internal dependency on Bitnami PostgreSQL that I cannot use. I have to use our existing RDS as an external DB, which seems possible but instruction on this page is completely empty. Unfortunately, I can only use the Bitnami helm for Keycloak, FYI. Can anyone point me to the right direction or show what and where to change the stock chart to make it happen pls? Not getting much luck with Google atm.
Thanks in advance!
You need to use a sidecar container which will handle authorization and proxy the db calls from keycloak to your managed database :
[keycloak] --localhost:XXXX-> [sidecar container] -> [Aws RDS]
You'll find documentation for this on the bitnami chart github repo : https://github.com/bitnami/charts/tree/master/bitnami/keycloak#use-sidecars-and-init-containers
On the stock chart, you can set these properties:
postgresql:
enabled: false
externalDatabase:
host: ${DB_URL}
port: ${DB_PORT}
user: ${DB_USERNAME}
database: ${DB_NAME}
password: ${DB_PASSWORD}
If you need high availability, i.e will be running keycloak with multiple replicas, add the below as well:
cache:
enabled: true
extraEnvVars:
- name: KC_CACHE
value: ispn
- name: KC_CACHE_STACK
value: kubernetes
- name: JGROUPS_DISCOVERY_PROTOCOL
value: "JDBC_PING"
Sources:
https://github.com/bitnami/charts/tree/master/bitnami/keycloak/#keycloak-cache-parameters
https://github.com/bitnami/charts/tree/master/bitnami/keycloak/#database-parameters
https://www.keycloak.org/server/caching#_relevant_options

Datasource config for Azure Monitor datasource in kube-prometheus-stack

I'm trying to figure out how to configure an Azure Monitor datasource for Grafana.
What works so far is that the datasource is listed in Grafana when I deploy the stack via HELM.
This is the respective config from my values.yml:
grafana:
additionalDataSources:
- name: Azure Monitor
type: grafana-azure-monitor-datasource
version: 1
id: 2
orgId: 1
typeLogoUrl: public/app/plugins/datasource/grafana-azure-monitor-datasource/img/logo.jpg
url: /api/datasources/proxy/2
access: proxy
isDefault: false
readOnly: false
editable: true
jsonData:
timeInterval: 30s
azureLogAnalyticsSameAs: true
cloudName: azuremonitor
clientId: $GF_AZURE_CLIENT_ID
tenantId: $GF_AZURE_TENANT_ID
subscriptionId: $GF_AZURE_SUBSCRIPTION_ID
Now, everytime grafana restarts, I'd need to set the client secret again.
Is there any way to configure it directly for the startup of Grafana, as well as the Default subscription being used?
I finally found the missing key:
grafana:
additionalDataSources:
- name: Azure Monitor
...
jsonData:
...
secureJsonData: # the missing piece
clientSecret: $GF_AZURE_CLIENT_SECRET
The client secret has to be passed via secureJsonData.

Using k8s secrets in concourse pipeline

This question is similar to this one Concourse CI can't find kubernetes secrets . However, the marked solution in it did not work for me.
I have setup concourse using this helm chart https://github.com/helm/charts/tree/master/stable/concourse
My release name is concourse-ci. So, my namespace prefix is concourse-ci- and the team name is main.
So, following the documentation https://github.com/helm/charts/tree/master/stable/concourse#kubernetes-secrets I created my secrets like this
apiVersion: v1
kind: Secret
metadata:
name: git
namespace: concourse-ci-main
type: Opaque
data: #Base 64 (can be removed)
username: <base64 encoded username>
password: <base64 encoded password>
In mu pipeline, I have the following:
resources:
- name: my-repo
type: git
source:
uri: <my-uri>
branch: develop
username: ((git.username))
password: ((git.password))
When, I execute the pipeline with the above code, it gets' stuck. However, if I replace ((git.username)) and ((git.password)) with the actual values, it works perfectly fine.
Am I missing something? I tried creating the secret in concourse-ci instead of concourse-ci-main, but I still get the same error.
I have the following in values.yml
kubernetes:
enabled: true
and
rbac:
# true here enables creation of rbac resources
create: false

How to automatically connect Grafana (with PostgreSQL instead of SQLite 3) to Prometheus when using Helm

I am using Helm as for Kubernetes deployment (Grafana and Prometheus) specifically. I have specified values.yaml files for both of them. It works amazingly.
Since I have changed Grafana datasource from default sqlite3 to PostgreSQL - data-source configuration is now stored in PostgreSQL database.
Well, the problem is that in my values.yaml file* for **Grafana I have specified datasource as following:
datasources: {}
datasources.yaml:
apiVersion: 1
datasources:
- name: on-premis
type: prometheus
url: http://prom-helmf-ns-monitoring-prometheus-server
access: direct
isDefault: true
...
...
grafana.ini:
paths:
data: /var/lib/grafana/data
logs: /var/log/grafana
plugins: /var/lib/grafana/plugins
analytics:
check_for_updates: true
log:
mode: console
grafana_net:
url: https://grafana.net
database:
## You can configure the database connection by specifying type, host, name, user and password
## # as separate properties or as on string using the URL property.
## # Either "mysql", "postgres" or "sqlite3", it's your choice
type: postgres
host: qa.com:5432
name: grafana
user: grafana
# If the password contains # or ; you have to wrap it with trippel quotes. Ex """#password;"""
password: passwd
ssl_mode: disable
Unfortunately this does not take an effect and I have to configure connection to in Grafana web interface manually - which is not what I need. How do I specify this section correctly?
datasources: {}
datasources.yaml:
apiVersion: 1
datasources:
- name: on-premis
type: prometheus
url: http://prom-helmf-ns-monitoring-prometheus-server
access: direct
isDefault: true
remove '{}' after section datasources.
like this
datasources:
datasources.yaml:
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
url: http://prometheus-server
access: proxy
isDefault: true

cannot provision password in grafana datasource

I've been on this problem for a while but can't get it solved.
i'm trying to provision my datasources of grafana. Prometheus is working but i also need a postgres-datasource, which requires a password.
every setting except password is filled in.
i've been trying to use a yaml file and through curl. Sensitive data is changed by another value
curl:
curl 'http://admin:admin#127.0.0.1:3000/api/datasources' -X POST -H 'Content-Type: application/json;charset=UTF-8' --data-binary '{"name":"NameOfDataSource","type":"postgres","url":"172.17.0.4:5432","access":"proxy","isDefault":false,"database":"database","user":"username","password":"passwordOfUser","typeLogoUrl":"public/app/plugins/datasource/postgres/img/postgresql_logo.svg","basicAuth":false,"jsonData":{"keepCookies":[],"sslmode":"disable"},"readOnly":false}'
yaml file without comments:
apiVersion: 1
deleteDatasources:
- name: NameOfDataSource
orgId: 1
datasources:
- name: "NameOfDataSource"
type: "postgres"
access: "proxy"
url: "172.17.0.4:5432"
user: "usernamme"
password: "passwordOfUser"
database: "database"
basicAuth: false
isDefault: false
jsonData: {sslmode: "disable"}
readOnly: false
editable: true
Is there someone who can help me out?
Thanks in advance
it seems that if you check the api of grafana, it shows the password: between the other settings (as shown in my question) but it needs to be in secureJsonData instead.