Add environment for grafana-internal
Part of https://gitlab.com/gitlab-com/gl-infra/infrastructure/-/issues/10703
Details
- This is using the Jsonnet lib for Grafana which is very limited/minimalist, with additions taken from the Helm chart
- The database connection is handled by a SQL Auth proxy sidecar in public IP mode, as recommended by Google; it's secure and without the headaches from dealing with a private VPC
- It supports horizontal scaling based on CPU and memory usage
- Container-native load-balancing via GCE
- Datasources configuration via ConfigMaps
Dashboards provisioning
My idea for provisioning the dashboards and folders is to push them into ConfigMaps to be consumed by Grafana on startup. One issue with this is that the ConfigMaps have a size limit of 1MiB so they need to be split. This is all already handled nicely by the Jsonnet lib, though adding the ConfigMaps to the Deployment object from a separate pipeline would be tricky so I need to think more about how to do this. The big advantage is that we would no longer need a sync script from internal to public: the dashboards can be pushed simultaneously to both environments once per update from CI, and it would force all the public dashboards to be versioned in a repository. And cleanup is easy too: the dashboards provisioned from files are not stored in the database.
TODO
- Add OAuth configuration
- Add datasources configuration (maybe in a later MR)
- Configure GCS storage for images
- Add environment to CI
- Terraform the non-k8s resources (https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/merge_requests/3013):
  - Google Service Account + roles
  - Reserved external IP
  - SSL policy
  - Cloudflare DNS record for dashboards-next.gitlab.net (temporary domain while being set up and tested)
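
The ConfigMap splitting described under "Dashboards provisioning", sketched as an added example; it is not part of this merge request or of the Jsonnet lib it uses. The headroom value, the `grafana-dashboards` name prefix and the sample dashboards are assumptions made for illustration.

```python
import json

# ConfigMap data cannot exceed 1 MiB; the headroom reserved for object
# metadata is an assumption of this example, not a Kubernetes constant.
CONFIGMAP_LIMIT = 1024 * 1024
HEADROOM = 16 * 1024


def shard_dashboards(dashboards, limit=CONFIGMAP_LIMIT - HEADROOM):
    """Pack {filename: dashboard} into shards under `limit` bytes each.

    First-fit decreasing on serialized size, so the same input always
    yields the same shards. Returns a list of {filename: json_text}.
    """
    sized = []
    for name, dash in dashboards.items():
        body = json.dumps(dash, sort_keys=True, separators=(",", ":"))
        size = len(name.encode()) + len(body.encode())
        if size > limit:
            # A single oversized dashboard can never be provisioned this way.
            raise ValueError(f"{name}: {size} bytes exceeds one ConfigMap")
        sized.append((size, name, body))
    sized.sort(key=lambda t: (-t[0], t[1]))  # largest first, name breaks ties

    shards = []  # each entry: [bytes_used, {filename: json_text}]
    for size, name, body in sized:
        for shard in shards:
            if shard[0] + size <= limit:
                shard[0] += size
                shard[1][name] = body
                break
        else:
            shards.append([size, {name: body}])
    return [data for _, data in shards]


def to_configmaps(shards, prefix="grafana-dashboards"):
    """Render shards as ConfigMap manifests; the name prefix is hypothetical."""
    return [{"apiVersion": "v1", "kind": "ConfigMap",
             "metadata": {"name": f"{prefix}-{i}"}, "data": data}
            for i, data in enumerate(shards)]


# Constructed sample input: three dashboards padded to known sizes.
SAMPLE = {
    "api.json": {"title": "API", "pad": "x" * 600_000},
    "web.json": {"title": "Web", "pad": "y" * 500_000},
    "db.json": {"title": "DB", "pad": "z" * 300_000},
}
```
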