grafana-dashboard
| Field |
Value |
| Service |
grafana-dashboard |
| Purpose |
Provision curated dashboards into the shared Grafana deployment |
| Criticality |
Tier 2 |
| Owner |
Platform / Observability owner |
| Clusters |
homelab, local |
| Namespace |
grafana |
| Exposure |
internet |
| Stateful |
yes |
| Backup class |
snapshot |
| RPO / RTO |
Git is authoritative for dashboards, 1 to 2 hours to restore provisioning |
| Last reviewed |
2026-05-20 |
1. Service Overview
This service packages dashboard JSON files, provisioning resources, and git-sync behavior so the shared Grafana instance exposes the expected platform dashboards.
Summary
If it fails, Grafana remains available but dashboards drift or disappear from the shared UI.
Dependencies
| Dependency |
Type |
Why it matters |
| Grafana |
application dependency |
Dashboards are consumed by the shared Grafana instance |
| Git sync sidecar |
provisioning |
Keeps dashboard content aligned with the repository |
| Traefik |
ingress |
Exposes the shared Grafana UI |
2. Architecture Diagram
[Git dashboards]
-> [git-sync / provisioning resources]
-> [Grafana]
-> [Traefik]
-> [Operators]
3. Deployment Specifications
| Item |
Value |
| Source path |
grafana-dashboard/base and grafana-dashboard/overlays/* |
| Deployment model |
Kustomize plus Fleet bundle |
| Namespace |
grafana |
| Workload kind |
Deployment support resources for Grafana |
| Chart or image version |
See Grafana deployment and git-sync image tags in manifests |
| Config files |
base/kustomization.yaml, overlays/homelab, overlays/local, fleet.yaml |
Cluster mapping
| Cluster |
Overlay path |
Notes |
| homelab |
grafana-dashboard/overlays/homelab |
Current homelab target |
| local |
grafana-dashboard/overlays/local |
Current local target |
4. Configuration Guide
Environment variables
| Variable |
Source |
Purpose |
Secret? |
| git-sync and Grafana provisioning settings |
overlay manifests and Secrets |
Dashboard sync, repository auth, and provisioning behavior |
mixed |
ConfigMaps
| Resource |
Path |
Purpose |
| Dashboard provisioning ConfigMaps |
grafana-dashboard/base and dashboards/ |
Provide dashboard JSON and provisioning metadata |
Secrets management
- Secret names: Git access token or repository auth secrets used by dashboard sync
- Source of truth: overlay secret inputs and generated manifests
- Rotation trigger: token rotation or repository access changes
- Recovery note: restore sync credentials before restarting provisioning workloads
5. Access Protocols
| Path |
URL or endpoint |
Audience |
Auth |
TLS terminates at |
| Internal |
Grafana service in the grafana namespace |
Cluster workloads and operators |
namespace RBAC |
Grafana / Traefik |
| External |
https://grafana.mutana.fr |
Operators and users |
Grafana auth or upstream auth proxy |
Traefik |
6. Operations and Observability
- Primary health indicators: dashboard folders present in Grafana and git-sync healthy.
- Dashboards or alerts: Grafana provisioning state and pod status.
- Log locations: grafana and git-sync pod logs.
- Known failure modes: bad Git token, broken ConfigMap format, or dashboard JSON drift.
7. Backup and Recovery Notes
- Backup method: Git is the primary source of truth plus Grafana PVC snapshot.
- Restore prerequisites: valid Git credentials and a healthy Grafana deployment.
- Related runbook: ../runbooks/grafana-dashboard.md
8. Release and Change Notes
- Current deployed app version: tied to the shared Grafana deployment.
- Current chart version: tied to the shared Grafana chart if used.
- Last significant change: dashboard provisioning updated with git-sync driven repository content and standardized overlays.
- Rollback reference: previous dashboard overlay revision in Git.