Skip to content

grafana-dashboard

Metadata

Field Value
Service grafana-dashboard
Purpose Provision curated dashboards into the shared Grafana deployment
Criticality Tier 2
Owner Platform / Observability owner
Clusters homelab, local
Namespace grafana
Exposure internet
Stateful yes
Backup class snapshot
RPO / RTO Git is authoritative for dashboards, 1 to 2 hours to restore provisioning
Last reviewed 2026-05-20

1. Service Overview

This service packages dashboard JSON files, provisioning resources, and git-sync behavior so the shared Grafana instance exposes the expected platform dashboards.

Summary

If it fails, Grafana remains available but dashboards drift or disappear from the shared UI.

Dependencies

Dependency Type Why it matters
Grafana application dependency Dashboards are consumed by the shared Grafana instance
Git sync sidecar provisioning Keeps dashboard content aligned with the repository
Traefik ingress Exposes the shared Grafana UI

2. Architecture Diagram

[Git dashboards]
  -> [git-sync / provisioning resources]
  -> [Grafana]
  -> [Traefik]
  -> [Operators]

3. Deployment Specifications

Item Value
Source path grafana-dashboard/base and grafana-dashboard/overlays/*
Deployment model Kustomize plus Fleet bundle
Namespace grafana
Workload kind Deployment support resources for Grafana
Chart or image version See Grafana deployment and git-sync image tags in manifests
Config files base/kustomization.yaml, overlays/homelab, overlays/local, fleet.yaml

Cluster mapping

Cluster Overlay path Notes
homelab grafana-dashboard/overlays/homelab Current homelab target
local grafana-dashboard/overlays/local Current local target

4. Configuration Guide

Environment variables

Variable Source Purpose Secret?
git-sync and Grafana provisioning settings overlay manifests and Secrets Dashboard sync, repository auth, and provisioning behavior mixed

ConfigMaps

Resource Path Purpose
Dashboard provisioning ConfigMaps grafana-dashboard/base and dashboards/ Provide dashboard JSON and provisioning metadata

Secrets management

  • Secret names: Git access token or repository auth secrets used by dashboard sync
  • Source of truth: overlay secret inputs and generated manifests
  • Rotation trigger: token rotation or repository access changes
  • Recovery note: restore sync credentials before restarting provisioning workloads

5. Access Protocols

Path URL or endpoint Audience Auth TLS terminates at
Internal Grafana service in the grafana namespace Cluster workloads and operators namespace RBAC Grafana / Traefik
External https://grafana.mutana.fr Operators and users Grafana auth or upstream auth proxy Traefik

6. Operations and Observability

  • Primary health indicators: dashboard folders present in Grafana and git-sync healthy.
  • Dashboards or alerts: Grafana provisioning state and pod status.
  • Log locations: grafana and git-sync pod logs.
  • Known failure modes: bad Git token, broken ConfigMap format, or dashboard JSON drift.

7. Backup and Recovery Notes

  • Backup method: Git is the primary source of truth plus Grafana PVC snapshot.
  • Restore prerequisites: valid Git credentials and a healthy Grafana deployment.
  • Related runbook: ../runbooks/grafana-dashboard.md

8. Release and Change Notes

  • Current deployed app version: tied to the shared Grafana deployment.
  • Current chart version: tied to the shared Grafana chart if used.
  • Last significant change: dashboard provisioning updated with git-sync driven repository content and standardized overlays.
  • Rollback reference: previous dashboard overlay revision in Git.